Prepare Database Users and Privileges for Db2 LUW
Learn about creating database users and assigning privileges for Oracle GoldenGate for Db2 LUW.
-
Create a database user that is dedicated to Oracle GoldenGate. It can be the same user for all of the Oracle GoldenGate processes that must connect to a database:
-
Extract (source database)
-
Replicat (target database)
-
DEFGEN(source or target database)
-
-
To preserve the security of your data, and to monitor Oracle GoldenGate processing accurately, do not permit other users, applications, or processes to log on as, or operate as, the Oracle GoldenGate database user. It is recommended that you store the login credentials in an Oracle GoldenGate credential store. The credential store makes use of local secure storage for the login names and passwords, and permits you to specify only an alias in the Oracle GoldenGate parameter files.
-
Assign system administrator (
SYSADM) or database administrator (DBADM) authority to the database user under which Extract runs. To give the Extract userDBADMauthority, a user withSYSADMauthority can issue the following grant statement.GRANT DBADM ON DATABASE TO USERuserThis authority can also be granted from the
User and Group Objectsfolder in the DB2 Control Center. The database tab for the user that is assigned to an Oracle GoldenGate process should have the Database Administrative Authority box checked.Note:
If the Extract user does not have the required authority, Extract will log the following errors and stop.
[SC=-1224:SQL1224N A database agent could not be started to service a request, or was terminated as a result of a database system shutdown or a force command. SQL STATE 55032: The CONNECT statement is invalid, because the database manager was stopped after this application was started]
-
Grant at least the following privileges to the database user under which Replicat runs:
-
Local
CONNECTto the target database -
SELECTon the system catalog views -
SELECT,INSERT,UPDATE, andDELETEon the target tables
-