Hi,
I have a user UCLDEV1 which is a part of staff and a
group(db2schemagrp1) to which i have not given any permissions.
The authorizations of that user are shown as
db2 =get authorizations
Administrative Authorizations for Current User
Direct SYSADM authority = NO
Direct SYSCTRL authority = NO
Direct SYSMAINT authority = NO
Direct DBADM authority = NO
Direct CREATETAB authority = NO
Direct BINDADD authority = NO
Direct CONNECT authority = YES
Direct CREATE_NOT_FENC authority = NO
Direct IMPLICIT_SCHEMA authority = NO
Direct LOAD authority = NO
Direct QUIESCE_CONNECT authority = NO
Direct CREATE_EXTERNAL_ROUTINE authority = NO
Direct SYSMON authority = NO
Indirect SYSADM authority = NO
Indirect SYSCTRL authority = NO
Indirect SYSMAINT authority = NO
Indirect DBADM authority = NO
Indirect CREATETAB authority = NO
Indirect BINDADD authority = YES
Indirect CONNECT authority = YES
Indirect CREATE_NOT_FENC authority = NO
Indirect IMPLICIT_SCHEMA authority = NO
Indirect LOAD authority = NO
Indirect QUIESCE_CONNECT authority = NO
Indirect CREATE_EXTERNAL_ROUTINE authority = NO
Indirect SYSMON authority = NO
db2 =create table test15(num1 INTEGER)
DB21034E The command was processed as an SQL statement because it was
not a
valid Command Line Processor command. During SQL processing it
returned:
SQL0552N "UCLDEV1" does not have the privilege to perform operation
"CREATE
TABLE". SQLSTATE=42502
db2 =alter table test12 add num3 integer
DB20000I The SQL command completed successfully.
db2 =drop table test12
DB20000I The SQL command completed successfully.
db2 =>
However, as the above commands show, i am not able to create any table
with that user, however, i can alter the table or drop the table.
The following command from an admin user gives
/home/db2inst1>"db2 revoke alterin on schema ucldev1 from ucldev1"
DB21034E The command was processed as an SQL statement because it was
not a
valid Command Line Processor command. During SQL processing it
returned:
SQL0556N An attempt to revoke a privilege, security label, or
exemption from
"UCLDEV1" was denied because "UCLDEV1" does not hold this privilege,
security
label, or exemption. SQLSTATE=42504
What could be the reason for it?
Thanks a lot.
Rahul