DB2 users and groups

Posted by Arun Srini on Server Fault See other posts from Server Fault or by Arun Srini
Published on 2009-12-14T14:34:23Z Indexed on 2010/04/16 18:04 UTC
Read the original article Hit count: 430

Just want to know everyone's experience and take on managing users/authentication on a multi-node db2 cluster with users groups. I have 17 apps in production (project based company, only 2 online apps), and some 30 users with 7 groups.

  1. prodsel - group that has select privilege on all tables
  2. produpdt - update group on selective tables (as required by the apps)
  3. proddel - delete
  4. prodins - insert permissions for the group

Now what my company does is when an app uses certain user (called app1user), and needs select and insert privilege on a table, they 1. grant select and insert for prodsel, prodins respectively 2. add the user under those two groups... now this creates one to many relationship between user and privileges, and this app1user also gets select on other tables granted for the prodsel group. I know this is wrong. Before I explain, I need to know how this is done elsewhere. Please share your experiences, even if you use other Databases that uses OS level authentication.

© Server Fault or respective owner

Related posts about db2

Related posts about database-adminstration