| View previous topic :: View next topic |
| Author |
Message |
Bithead
Advanced
Joined: 03 Jan 2003
Posts: 550
Topics: 23
Location: Michigan, USA
|
 Posted: Thu Aug 11, 2005 2:25 pm Post subject: DB2 SysAdm removal |
 |
|
| I have been able to remove a user as system administrator by making the user Install SysAdm and issuing the REVOKE. Now I have to remove all other access for that user. I am attempting to revoke DBADM but I am getting a -556 when the user actually created the database (that is the GRANTOR and the GRANTEE are the same). How do I remove this privilege? |
|
| Back to top |
|
 |
kolusu
Site Admin
Joined: 26 Nov 2002
Posts: 12375
Topics: 75
Location: San Jose
|
| Posted: Thu Aug 11, 2005 4:23 pm Post subject: |
|
|
| Quote: |
I am attempting to revoke DBADM but I am getting a -556 when the user actually created the database (that is the GRANTOR and the GRANTEE are the same).
|
Bithead,
Yikes ! From what I read , if your prior DBA is the creator of the database and thus gets all privileges including DBADM automatically. The only way to revoke DBADM from him would be to drop the database and recreate it with another id(new DBA) as creator.
I am not sure if this works but worth a try.
| Code: |
REVOKE DBADM ON DATABASE dbname FROM old-dba BY old-dba;
|
May be you should start using RACF groups from now onwards
Hope this helps...
Cheers
Kolusu
_________________
Kolusu
www.linkedin.com/in/kolusu |
|
| Back to top |
|
|
Bithead
Advanced
Joined: 03 Jan 2003
Posts: 550
Topics: 23
Location: Michigan, USA
|
| Posted: Fri Aug 12, 2005 10:45 am Post subject: |
|
|
Thanks Kolusu. It is more of an audit (SOX) issue than anything else.
We use Top Secret, not RACF, and we don't have the DB2 module. I am not going to be making dramatic system changes because our mainframe is on it's way out! |
|
| Back to top |
|
|
|
|
|
FAQ
Search
Quick Manuals
Register
Profile
Log in to check your private messages
Log in
