The Catalog Synchronization Utility lets you bring DB2 catalog entries up‑to‑date with CA ACF2 Option for DB2 rules. Because CA ACF2 Option for DB2 replaces DB2 security with authorizations kept in the Infostorage database, CA ACF2 Option for DB2 does not update the DB2 catalog during normal processing. When changes are made to logonids or the CA ACF2 Option for DB2 authorizations, the catalog security information becomes obsolete for those products that rely on the catalog for reporting purposes. To allow products to continue to use up‑to‑date DB2 catalog information, CA ACF2 Option for DB2 introduces the Catalog Synchronization Utility.
The Catalog Synchronization Utility changes DB2 catalog information to reflect accesses allowed and denied under CA ACF2 Option for DB2. For information on specific exceptions, see Implementation Considerations. This utility can extract information from CA ACF2 Option for DB2, native DB2, and the CA ACF2 SMF records, create SQL GRANT and REVOKE statements from this information, and update the DB2 catalog. Creating these GRANT and REVOKE statements is the primary function of the Catalog Synchronization Utility. You can synchronize all or specific users and resources or synchronize only those logonids or authorizations that have recently changed. To execute the Catalog Synchronization Utility, you might need certain CA ACF2, CA ACF2 Option for DB2, or native DB2 privileges. These requirements are described in the section titled JCL Information later in this chapter.
The two types of synchronizations are:
|
Copyright © 2011 CA Technologies.
All rights reserved.
|
|