How to check DB2 SYSADM or SYSCTRL authorization for a user with AUTH_LIST_AUTHORITIES_FOR_AUTHID

13 June,2014 by Jack Vamvas

Question: How can I determine if a user has SYSADM or SYSCTRL authorization?

I've read the DB2 - A Security Primer , but couldn't locate any commands

Answer: Use the AUTH_LIST_AUTHORITIES_FOR_AUTHID    table function.  The function has replaced the get authorizations command. The function returns authorities granted to an ID directly or indirectly

Syntax example using AUTH_LIST_AUTHORITIES_FOR_AUTHID

Return authorities granted to user JACK , either explicitly or via a role or group

 

SELECT AUTHORITY, D_USER, D_GROUP, D_PUBLIC, ROLE_USER, ROLE_GROUP, ROLE_PUBLIC, D_ROLE   FROM TABLE (SYSPROC.AUTH_LIST_AUTHORITIES_FOR_AUTHID ('JACK', 'U') ) AS T    ORDER BY AUTHORITY

 

Read More on DB2 security

DB2 – Audit Failed logons

Author: Jack Vamvas(http://www.dba-db2.com)

Share:

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been saved. Comments are moderated and will not appear until approved by the author. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment on How to check DB2 SYSADM or SYSCTRL authorization for a user with AUTH_LIST_AUTHORITIES_FOR_AUTHID

Comments are moderated, and will not appear until the author has approved them.


dba-db2.com | DB2 Performance Tuning | DBA DB2:Everything | FAQ | Contact | Copyright