ACMUSEMODE

Read syntax diagramSkip visual syntax diagram ACMUSEMODE=HIGHLOWLOWHIGHLOWONLY

Specifies how the DB2 ACM user exit is employed by InfoSphere® CDC for z/OS® to verify user access to a DB2 table that is required for replication. The manner in which the DB2 ACM works with the centralized security access control facility can vary from vendor to vendor, and also based on how the facility has been configured. The ACMUSEMODE keyword provides the ability to specify how InfoSphere CDC for z/OS should call the DB2 ACM that is being used, based on the ACM implementation.

The following values may be used for the ACMUSEMODE keyword:

  • HIGHLOW—Specifies that access is tested from the highest to the lowest level. For example, when access to an application table is needed, DBADM for the database that contains the table is tested first, before access to the specific table. Access is allowed for the first successful request that is issued. This method results in fewer calls to the DB2 ACM, because the results of the call are cached so that the same request is never issued twice. This option enables the historical behavior of InfoSphere CDC for z/OS, and is the default value for this keyword.
  • LOWHIGH—Specifies that access is tested from the lowest to the highest level. For example, when access to an application table is needed, access to the specific table is tested first, then, if specific access is not permitted, DBADM for the database that contains the table is tested. This value should be used if the DB2 ACM does not internally issue the request for DBADM authority if the request for specific access to the table is not permitted.
  • LOWONLY—Specifies that access is tested for the lowest requested level only. For example, when access to an application table is needed, access to the specific table is tested. If access is not permitted by the ACM, then access to the table by the user is not permitted by InfoSphere CDC for z/OS. This value should be used if the DB2 ACM internally determines the access to DBADM authority if the request for specific access to the table is not permitted.

This keyword is optional.

Default Setting—HIGHLOW