Required Db2 privileges
If you choose not to grant SQLADM privileges to the user IDs that are used to install and use IBM® Z Database Assistant, you must manually grant the required privileges to the appropriate IDs.
Overview
Using the Overview page of IBM Z Database Assistant requires SELECT privilege on several Db2® for z/OS® system catalog tables. You can use the following statements to grant SELECT privilege on these tables:
GRANT SELECT ON TABLE SYSIBM.SYSDATABASE TO user-ID
GRANT SELECT ON TABLE SYSIBM.SYSINDEXPART TO user-ID
GRANT SELECT ON TABLE SYSIBM.SYSINDEXSPACESTATS TO user-ID
GRANT SELECT ON TABLE SYSIBM.SYSLEVELUPDATES TO user-ID
GRANT SELECT ON TABLE SYSIBM.SYSSYNONYMS TO user-ID
GRANT SELECT ON TABLE SYSIBM.SYSTABLEPART TO user-ID
GRANT SELECT ON TABLE SYSIBM.SYSTABLES TO user-ID
GRANT SELECT ON TABLE SYSIBM.SYSTABLESPACE TO user-ID
GRANT SELECT ON TABLE SYSIBM.SYSTABLESPACESTATS TO user-ID
GRANT SELECT ON SYSML.DSN_ML_QUERY_ACCESSPATH_RECOMMENDATION TO user-ID
GRANT SELECT ON SYSML.DSN_ML_AKIRA_METRICS_MASTER TO user-ID
GRANT SELECT ON SYSML.DSN_ML_AKIRA_METRICS_BP_GBP_MASTER TO user-IDEXECUTE privilege is required on the following table functions:
GRANT EXECUTE ON DSNML.GET_DEADLOCK_VIEW TO user-ID
GRANT EXECUTE ON DSNML.GET_TIMEOUT_VIEW TO user-ID
GRANT EXECUTE ON DSNML.GET_LOCK_ESCALATION_VIEW TO user-IDObject explorer (catalog navigation)
Using the IBM Z Database Assistant Object explorer requires SELECT privilege on several Db2 for z/OS system catalog tables. You can use the following statements to grant SELECT privilege on these tables:
GRANT SELECT ON SYSIBM.SYSCHECKDEP TO user-ID;
GRANT SELECT ON SYSIBM.SYSCOLUMNS TO user-ID;
GRANT SELECT ON SYSIBM.SYSCONTROLS TO user-ID;
GRANT SELECT ON SYSIBM.SYSDATABASE TO user-ID;
GRANT SELECT ON SYSIBM.SYSDATATYPES TO user-ID;
GRANT SELECT ON SYSIBM.SYSDEPENDENCIES TO user-ID;
GRANT SELECT ON SYSIBM.SYSFOREIGNKEYS TO user-ID;
GRANT SELECT ON SYSIBM.SYSINDEXES TO user-ID;
GRANT SELECT ON SYSIBM.SYSJAROBJECTS TO user-ID;
GRANT SELECT ON SYSIBM.SYSKEYCOLUSE TO user-ID;
GRANT SELECT ON SYSIBM.SYSKEYS TO user-ID;
GRANT SELECT ON SYSIBM.SYSPACKAGE TO user-ID;
GRANT SELECT ON SYSIBM.SYSPACKDEP TO user-ID;
GRANT SELECT ON SYSIBM.SYSPACKLIST TO user-ID;
GRANT SELECT ON SYSIBM.SYSPACKSTMT TO user-ID;
GRANT SELECT ON SYSIBM.SYSPARMS TO user-ID;
GRANT SELECT ON SYSIBM.SYSPLAN TO user-ID;
GRANT SELECT ON SYSIBM.SYSROUTINES TO user-ID;
GRANT SELECT ON SYSIBM.SYSSEQUENCES TO user-ID;
GRANT SELECT ON SYSIBM.SYSSEQUENCESDEP TO user-ID;
GRANT SELECT ON SYSIBM.SYSSTOGROUP TO user-ID;
GRANT SELECT ON SYSIBM.SYSTABCONST TO user-ID;
GRANT SELECT ON SYSIBM.SYSTABLEPART TO user-ID;
GRANT SELECT ON SYSIBM.SYSTABLES TO user-ID;
GRANT SELECT ON SYSIBM.SYSTABLESPACE TO user-ID;
GRANT SELECT ON SYSIBM.SYSTRIGGERS TO user-ID;
GRANT SELECT ON SYSIBM.SYSVARIABLES TO user-ID;
GRANT SELECT ON SYSIBM.SYSVIEWDEP TO user-ID;
GRANT SELECT ON SYSIBM.SYSVIEWS TO user-ID;
GRANT SELECT ON SYSIBM.SYSVOLUMES TO user-ID;Chat agent
Using the IBM Z Database Assistant chat agent requires SELECT privilege on several Db2 for z/OS system catalog tables. You can use the following statements to grant SELECT privilege on these tables:
GRANT SELECT ON TABLE SYSIBM.DSNSERVICE TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSCHECKDEP TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSCOLUMNS TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSCONTROLS TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSDATABASE TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSDATATYPES TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSDEPENDENCIES TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSFOREIGNKEYS TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSINDEXES TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSJARCONTENTS TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSJAROBJECTS TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSJAVAPATHS TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSKEYCOLUSE TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSKEYS TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSPACKAGE TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSPACKDEP TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSPACKLIST TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSPACKSTMT TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSPARMS TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSPLAN TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSROUTINES TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSROUTINES_SRC TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSSEQUENCES TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSSEQUENCESDEP TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSSTOGROUP TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSTABCONST TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSTABLEPART TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSTABLES TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSTABLESPACE TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSTABLESPACESTATS TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSTRIGGERS TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSVARIABLES TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSVIEWS TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSVIEWDEP TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSVOLUMES TO Db2 Agent user-IDAccess control agent
Using the Access control agent requires SELECT privilege on several Db2 for z/OS system catalog tables. You can use the following statements to grant SELECT privilege on these tables:
GRANT SELECT ON TABLE SYSIBM.SYSUSERAUTH TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSDBAUTH TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSTABAUTH TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSPACKAUTH TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSROUTINEAUTH TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSPLANAUTH TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSSCHEMAAUTH TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSSEQUENCEAUTH TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSCOLAUTH TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSRESAUTH TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSVARIABLEAUTH TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSDATABASE TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSTABLES TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSROUTINES TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSPACKAGE TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSPLAN TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSSEQUENCES TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSTABLESPACE TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSSTOGROUP TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSCOLUMNS TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSVARIABLES TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSROLES TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSCONTEXT TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSCONTEXTAUTHIDS TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSCTXTTRUSTATTRS TO Db2 Agent user-ID;
GRANT SELECT ON TABLE SYSIBM.SYSCONTROLS TO Db2 Agent user-ID;