| Bookshelf Home | Contents | Index | Search | PDF | |
Implementing Siebel eBusiness Applications on DB2 UDB for OS/390 and z/OS > Security > OS/390 and z/OS Security >
Using a Group ID
The use of a group authorization ID significantly reduces administrative tasks associated with database security. The administrator grants privileges only once to a group ID rather than to each Siebel eBusiness Applications user.
The Siebel installation process allows installers to specify a group ID for client access with the default group of SSEROLE. The installation process generates the appropriate SQL grant statements for that group to allow INSERT, UPDATE, SELECT, and DELETE to application tables. Furthermore, that same group is specified in a SET CURRENT SQLID statement so that reuse of the statement cache is maximized. Therefore, it is important that the selected group be among the list of secondary authorization IDs for all users of the applications.
Grant statements for additional group IDs. Group IDs must be created separately. Siebel applications include the grantstat.sql script to generate grant statements to grant access to interface tables. For a discussion of the grantstat.sql script, see Granting Table Privileges.
The grant statements must be executed by either the table owner or by users with DBADM or SYSADM privileges.
To disable a grant, issue a revoke statement.
| Bookshelf Home | Contents | Index | Search | PDF | |
Implementing Siebel eBusiness Applications on DB2 UDB for OS/390 and z/OS Published: 18 April 2003 |