Managing instance-level authorities
We can define an authority as a predefined role with privileges at instance or database level. In DB2, there are two types of authority: instance level and database level. In this chapter, we will cover instance-level authorities.
Getting ready
We have four instance-level authorities: SYSADM
(system administration authority), SYSCTRL (system control authority), SYSMAINT
(system maintenance authority), and SYSMON (system monitoring authority). Assignment to these authorities is managed through operating system groups.
SYSADM is the highest level authority in DB2. It has full access to data and utilities, has implicit DBADM authority within any database under instance, and can grant and revoke SECADM.
SYSCTRL is the highest level of system control authority. It is mainly an exclusive instance-level authority; it has no privileges to query data from a database unless it has been granted them explicitly. With this authority, it is possible to drop and create...
