Running db2 or Tivoli Storage Manager as the local system account

Resolving The Problem

There are scenarios where the user ID that is supposed to be the DB2 instance owner ID, but does not have the required permission on the database. The result is that you cannot query or run any commands against the Tivoli Storage Manager server database. Error returned:

SQL5193N The current session user does not have usage privilege on any enabled workloads. SQLSTATE=42524

The only account that has permission on the database is the built-in LocalSystem account. The desired user ID needs to be granted the correct permissions to access the database.

For Microsoft Windows, LocalSystem is the predefined user account and cannot be logged in as normal. Here are the steps that will allow user to login as the LocalSystem account to grant access.

1. Login to the system using any of user ID that has Administrator privilege.

2. Download PSTools from Microsoft.

5. From the windows cmd, navigate to the directory where PSTools is extracted.

6. Run command:

psexec -i -s db2cmd

7. A new windows is opened under LocalSystem account. This is the db2cmd windows. Issue the following commands to grant access to a desired user ID:

db2 connect to tsmdb1

Replace XXXX with the user ID that needs to be granted permissions.
Issue command "db2 select grantee,securityadmauth from syscat.dbauth" to verify the new user ID now has permission to access the database.

8. Also verify the user ID is added to Administrators, DB2USERS, DB2ADMNS groups.