APAR status
Closed as program error.
Error description
A job with that utilizes a DB2 Connector stage fails with the following unintuitive error message due to a lack of access rights for the DB2 user: DB2_CONN_ISSUED_TEN99C_SRC_RESULTS_SET: [IIS-CONN-DB2-000004] DB2function SQLFetch failed: SQLSTATE = HY010: Native Error Code = -99,999: Msg = [IBM][CLI Driver] CLI0125E Function sequence error. SQLSTATE=HY010 (CC_DB2Connection::queryEndiannessMatch, file CC_DB2Connection.cpp, line 2,985)
Local fix
The following GRANTs should be specified for the user id that is being used to access the DB2 database: GRANT EXECUTE ON PACKAGE NULLID.SYSSH200 GRANT SELECT ON SYSCAT.ROUTINES GRANT SELECT ON SYSCAT.TABLES GRANT SELECT ON SYSCAT.TABLESPACES GRANT SELECT ON SYSIBM.SYSTABLES GRANT SELECT ON SYSIBM.SYSDUMMY1 GRANT SELECT ON SYSIBM.SYSCOLUMNS GRANT SELECT ON SYSIBM.SYSTABCONST GRANT SELECT ON SYSCAT.CONSTDEP
Problem summary
**************************************************************** USERS AFFECTED: DB2 Connector jobs where the Username property contains a user that does not have sufficient privileges **************************************************************** PROBLEM DESCRIPTION: Running a job that contains the DB2 Connector may fail with the error: [IIS-CONN-DB2-000004] DB2 function SQLFetch failed: SQLSTATE = HY010: Native Error Code = -99,999: Msg = [IBM] [CLI Driver] CLI0125E Function sequence error. SQLSTATE=HY010 The DB2 Connector stage is reporting this error because the user specified in the 'User name' property of the DB2 Connector stage does not have sufficient rights to SELECT or EXECUTE from/against a table/view. **************************************************************** RECOMMENDATION: Apply patch JR37696 ****************************************************************
Problem conclusion
The problem was that the DB2 Connector was checking the wrong handle when SQLExecDirect() returned an error. The DB2 Connector now checks the correct handle, so that the expected error message is returned if the user has insufficient privileges: SQL0551N "USER" does not have the privilege to perform operation "SELECT" on object "TABLE". (SQLSTATE=42501) The user must still be granted the necessary privileges, but now the error message indicating what user and table is correct. Also note that the requirement to grant SELECT privileges on SYSCAT.TABLES has been removed under this APAR. The DB2 Connector no longer needs to read from this table.
Temporary fix
Comments
APAR Information
APAR number
JR37696
Reported component name
INFO SRVR PLATF
Reported component ID
5724Q3612
Reported release
810
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2010-09-07
Closed date
2010-09-24
Last modified date
2010-09-24
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Modules/Macros
SERVER
Fix information
Fixed component name
INFO SRVR PLATF
Fixed component ID
5724Q3612
Applicable component levels
R810 PSN
UP
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSZJPZ","label":"IBM InfoSphere Information Server"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"8.1","Edition":"","Line of Business":{"code":"LOB10","label":"Data and AI"}}]
Document Information
Modified date:
24 September 2010