SYSUSERAUTH catalog table
The SYSUSERAUTH table records the system privileges that are held by users. The schema is SYSIBM.
Column name | Data type | Description | Use |
---|---|---|---|
GRANTOR | VARCHAR(128)
NOT NULL |
Authorization ID of the user who granted the privileges. | G |
GRANTEE | VARCHAR(128)
NOT NULL |
Authorization ID of the user that holds the privilege. Could also be PUBLIC for a grant to PUBLIC. | G |
— | CHAR(12)
NOT NULL |
Internal use only. | I |
DATEGRANTED | CHAR(6)
NOT NULL |
Not used. | N |
TIMEGRANTED | CHAR(8)
NOT NULL |
Not used. | N |
GRANTEETYPE | CHAR(1)
NOT NULL |
Not used. | N |
AUTHHOWGOT | CHAR(1)
NOT NULL WITH DEFAULT |
Authorization level of the user from whom the privileges
were received. This authorization level is not necessarily the highest
authorization level of the grantor.
|
G |
ALTERBPAUTH | CHAR(1)
NOT NULL |
Not used. | N |
BINDADDAUTH | CHAR(1)
NOT NULL |
Whether the GRANTEE can use the BIND subcommand
with the ADD option:
|
G |
BSDSAUTH | CHAR(1)
NOT NULL |
Whether the GRANTEE can issue the RECOVER BSDS
command:
|
G |
CREATEDBAAUTH | CHAR(1)
NOT NULL |
Whether the GRANTEE can create databases and automatically
receive DBADM authority over the new databases:
|
G |
CREATEDBCAUTH | CHAR(1)
NOT NULL |
Whether the GRANTEE can execute the CREATE DATABASE
statement to create new databases and automatically receive DBCTRL
authority over the new databases:
|
G |
CREATESGAUTH | CHAR(1)
NOT NULL |
Whether the GRANTEE can execute the CREATE STOGROUP
statement to create new storage groups:
|
G |
DISPLAYAUTH | CHAR(1)
NOT NULL |
Whether the GRANTEE can use the DISPLAY commands:
|
G |
RECOVERAUTH | CHAR(1)
NOT NULL |
Whether the GRANTEE can use the RECOVER INDOUBT
command:
|
G |
STOPALLAUTH | CHAR(1)
NOT NULL |
Whether the GRANTEE can use the STOP command:
|
G |
STOSPACEAUTH | CHAR(1)
NOT NULL |
Whether the GRANTEE can use the STOSPACE utility:
|
G |
SYSADMAUTH | CHAR(1)
NOT NULL |
Whether the GRANTEE has system administration authority:
GRANTEE has the privilege with the GRANT option for a value of either Y or G. |
G |
SYSOPRAUTH | CHAR(1)
NOT NULL |
Whether the GRANTEE has system operator authority:
|
G |
TRACEAUTH | CHAR(1)
NOT NULL |
Whether the GRANTEE can issue the START TRACE and
STOP TRACE commands:
|
G |
IBMREQD | CHAR(1)
NOT NULL |
A value of Y indicates that the row was provided with the Db2 product code. For all other values, see Release dependency indicators. The value in this field is not a reliable indicator of release dependencies. |
G |
MON1AUTH | CHAR(1)
NOT NULL WITH DEFAULT |
Whether the GRANTEE can obtain IFC serviceability
data:
|
G |
MON2AUTH | CHAR(1)
NOT NULL WITH DEFAULT |
Whether the GRANTEE can obtain IFC data:
|
G |
CREATEALIASAUTH | CHAR(1)
NOT NULL WITH DEFAULT |
Whether the GRANTEE can execute the CREATE ALIAS
statement:
|
G |
SYSCTRLAUTH | CHAR(1)
NOT NULL WITH DEFAULT |
Whether the GRANTEE has SYSCTRL authority:
|
G |
BINDAGENTAUTH | CHAR(1)
NOT NULL WITH DEFAULT |
Whether the GRANTEE has BINDAGENT privilege:
|
G |
ARCHIVEAUTH | CHAR(1)
NOT NULL WITH DEFAULT |
Whether the GRANTEE is privileged to use the ARCHIVE
LOG command:
|
G |
CAPTURE1AUTH | CHAR(1)
NOT NULL WITH DEFAULT |
Not used. | N |
CAPTURE2AUTH | CHAR(1)
NOT NULL WITH DEFAULT |
Not used. | N |
GRANTEDTS | TIMESTAMP
NOT NULL WITH DEFAULT |
Time when the GRANT statement was executed. The value is '1985-04-01.00.00.00.000000' for the one installation row. | G |
CREATETMTABAUTH
|
CHAR(1)
NOT NULL WITH DEFAULT |
Whether the GRANTEE has CREATETMTABAUTH privilege:
|
G |
GRANTEETYPE | CHAR(1)
NOT NULL WITH DEFAULT |
Indicates the type of grantee:
|
G |
GRANTORTYPE | CHAR(1)
NOT NULL WITH DEFAULT |
Indicates the type of grantor:
|
G |
DEBUGSESSIONAUTH
|
CHAR(1)
NOT NULL WITH DEFAULT |
Whether the GRANTEE has DEBUGSESSION privilege:
|
G |
EXPLAINAUTH | CHAR(1)
NOT NULL WITH DEFAULT |
Whether the GRANTEE can explain and prepare statements:
|
G |
SQLADMAUTH | CHAR(1)
NOT NULL WITH DEFAULT |
Whether the GRANTEE has SQLADM authority:
|
G |
SDBADMAUTH | CHAR(1)
NOT NULL WITH DEFAULT |
Whether the GRANTEE has system DBADM authority:
|
G |
DATAACCESSAUTH | CHAR(1)
NOT NULL WITH DEFAULT |
Whether the GRANTEE has DATAACCESS authority:
|
G |
ACCESSCTRLAUTH | CHAR(1)
NOT NULL WITH DEFAULT |
Whether the GRANTEE has ACCESSCTRL authority:
|
G |
CREATESECUREAUTH
|
CHAR(1)
NOT NULL WITH DEFAULT |
Whether the GRANTEE can create secured objects
(triggers and user-defined functions):
|
G |
SYS_START | TIMESTAMP(12)
NOT NULL GENERATED ALWAYS AS ROW BEGIN |
Reserved for future IBM® use.The row-begin column of the SYSTEM_TIME period, for system-period data versioning. | G |
SYS_END | TIMESTAMP(12)
NOT NULL GENERATED ALWAYS AS ROW END |
Reserved for future IBM use.The row-end column of the SYSTEM_TIME period, for system-period data versioning. | G |
TRANS_START | TIMESTAMP(12)
NOT NULL GENERATED ALWAYS AS TRANSACTION START ID |
Reserved for future IBM use. | G |