Bookshelf v7.5: Required Authorizations

Table 2 lists the authorizations that are required by a DB2 database administrator or system programmer to implement Siebel eBusiness Applications on DB2 UDB for OS/390 and z/OS.

Table 2. Authorizations Needed by DB2 Database Administrators
Task	Authorization Required	Task Command Example
Alter a buffer pool.	SYSADM, SYSCTRL, SYSOPR	`ALTER BUFFERPOOL (BP32K1) HPSIZE(4000)`
Grant use of a buffer pool.	SYSADM, SYSCTRL	`GRANT USE OF BUFFERPOOL BP32K1 TO PUBLIC;`
Grant CREATEIN for triggers.	SYSADM, SYSCTRL	`GRANT CREATEIN ON SCHEMA SIEBTO;`
Create a storage group.	SYSADM, SYSCTRL	`CREATE STOGROUP SIEBEL VOLUMES('*') VCAT SIEBEL;`
Grant use of a storage group.	SYSADM, SYSCTRL	`GRANT USE OF STOGROUP SIEBEL TO PUBLIC;`
Grant CREATEDBA and DBADM authority.	SYSADM, SYSCTRL	`GRANT CREATEDBA TO SIEBTO;`
Create a database.	SYSADM, SYSCTRL, CREATEDBA, CREATEDBC	`SET CURRENT SQLID='SIEBTO'; CREATE DATABASE SIEBDB01 CCSID ASCII BUFFERPOOL BP1;`
Alter a table space.	DBADM, SYSADM, SYSCTRL	`ALTER TABLESPACE D0010002.H0677000 BUFFERPOOL BP16K0;`
Create a table space.	SYSADM, SYSCTRL, DBADM, DBCTRL, DBMAINT, CREATETS	`SET CURRENT SQLID='SIEBTO'; CREATE TABLESPACE H0001004 IN SIEBDB01 USING STOGROUP SIEBEL PRIQTY 720 SECQTY 720 BUFFERPOOL BP32K1 SEGSIZE 64 COMPRESS YES LOCKSIZE PAGE;`
Modify DB2 Connect package (if package already exists).	DBADM, SYSADM, BIND privilege on the package, ALTERIN privilege on the schema	`BIND c:\sqllib\bnd\@ddcsmvs.lst COLLECTION SIEBEL BLOCKING ALL DYNAMICRULES BIND OWNER SIEBTO QUALIFIER SIEBTO SQLERROR CONTINUE`
Modify DB2 Connect package (if a package does not already exist).	DBADM, SYSADM, BINDADD privilege, and IMPLICIT_SCHEMA authority on the database if the schema name does not exist CREATIN privilege on the schema if the schema name of the package exists	`BIND c:\sqllib\bnd\@ddcsmvs.lst COLLECTION SIEBEL BLOCKING ALL DYNAMICRULES BIND OWNER SIEBTO QUALIFIER SIEBTO SQLERROR CONTINUE`
Alter a table.	DBADM, SYSADM, SYSCTRL	`ALTER TABLE SIEBTO.S_CONTACT` `ALTER COLUMN COMMENTS SET DATA TYPE VARCHAR (100)`
Create a table.	SYSADM, SYSCTRL, DBADM, DBCTRL, DBMAINT, CREATETAB	`SET CURRENT SQLID='SIEBTO'; CREATE TABLE S_SSA_ID,(...)IN SIEBDB12.H0059004;`
Alter an index.	DBADM, SYSADM, SYSCTRL	`ALTER INDEX SIEBTO.S_CONTACT_U1 BUFFERPOOL BP30;`
Create an index.	SYSADM, SYSCTRL, DBADM, DBCTRL	`SET CURRENT SQLID='SIEBTO';CREATE UNIQUE INDEX S_SSA_ID_P1 ON S_SSA_ID(ROW_ID)USING STOGROUP SIEBEL PRIQTY 720 SECQTY 720 DEFINE NO CLOSE YES PCTFREE 30 BUFFERPOOL BP1;`
Grant CREATE or PACKADM for stored procedures.	SYSADM, SYSCTRL	`GRANT CREATE ON COLLECTION SIEBINST TO SIEBDBA;`
Grant CREATEIN for triggers.	SYADM, SYSCTRL	`GRANT CREATEIN ON SCHEMA SIEBTO;`
Grant BINDADD.	SYSADM, SYSCTRL	`GRANT BINDADD TO SIEBDBA;`
Grant SELECT on catalog tables.	SYSADM, SYSCTRL	`GRANT SELECT ON SYSIBM.SYSTABLES TO SIEBTO;`

Table 3 lists authorizations that might be needed by users of Siebel eBusiness Applications. Your enterprise might have unique role names it assigns with the authorities listed below. Therefore, sample role names are offered as examples only.

Table 3. Authorizations Needed by Siebel Application Users
Task	Role	Authorization Required	Task Command Example
Performing the following actions on Siebel tables: Delete Insert Select Update	Siebel group ID (for example, SSEROLE group)	Table privileges granted automatically as part of installation	`GRANT ALL ON TABLE S_SSA_ID TO SSEROLE;`
Setting the current SQL ID	Schema qualifier group or individual ID	Owns the schema objects (created by DBADM) that will be used during the installation of the Siebel product	`SET CURRENT SQLID='SIEBTO';`
Performing server functions such as: Runstats Generate triggers	Siebel administrator group	Member of the generic user role Actual member of the RACF (or other security package) group, selected to act as administrator	`SIEBDBA`

NOTE: SSEROLE and SADMIN are Siebel defaults for the Siebel user group and the Siebel administrator. However, these names are not required and can be changed to meet your organization's naming conventions.