Previous Topic: DB2BUFFPNext Topic: DB2DBASE

Protecting ResourcesDB2COLL

DB2COLL

Description

Identifies DB2 collections. and determines who can access and who owns the authority to add packages to a particular COLLECTION‑ID.

TSS Commands

The following TSS commands can be used with the DB2COLL keyword: CREATE, DELETE, ADDTO, REMOVE, PERMIT, REVOKE, ADMIN, DEADMIN, WHOOWNS, WHOHAS.

TSS ADDTO or REMOVE

Syntax
TSS ADD(acid) DB2COLL(collection‑id)
Prefix length

2‑26 characters

Capacity of list

1‑5 DB2 collections per TSS command.

Authority

Administrators must have DB2COLL(OWN) authority.

Masking

The DB2COLL resource class supports all masking characters.

Types

The DB2COLL keyword is used with the following ACID types: User, Profile, Department, Division, Zone, DCA, VCA, ZCA, LSCA, SCA, MSCA.

TSS PERMIT or REVOKE

Syntax
TSS PER(acid) DB2COLL(collection‑id,...)
Collection name

2‑128 characters

Capacity of list

1‑5 collections per TSS command.

Accesses

The administrator can specify any or all of the following accesses: CREATEIN, PACKADM, ALL, NONE. The default access is CREATEIN.

Access Controls

The administrator can use any of the following methods to control access to collections: Expiration, Facility, Time/Day, Actions.

Types

The DB2COLL keyword is used with the following ACID types: User, Profile, DCA, VCA, ZCA, LSCA, SCA, MSCA.

TSS ADMIN or DEADMIN

Syntax
TSS ADMIN(acid) DB2COLL(authority level(s))
Authority

Administrators can specify any or all of the following authority levels: OWN, XAUTH, AUDIT, INFO, REPORT, ALL.

Types

The DB2COLL keyword is used with the following ACID types: User, DCA, VCA, LSCA, ZCA, SCA, MSCA.

Examples

TSS ADDTO/REMOVE

To give the Finance Department (FINDEPT) ownership of a collection FACCT, the administrator enters:

TSS ADD(FINDEPT) DB2COLL(FACCT)

Ownership of the collection FACCT is removed by entering:

TSS REMOVE(FINDEPT) DB2COLL(FACCT)
TSS PERMIT/REVOKE

The administrator wants to authorize USR01 to include new packages within a collection FACCT:

TSS PERMIT(USR01) DB2COLL(FACCT) ACCESS(CREATEIN)

This grants USR01 the authority to create packages within the specified collection. To revoke USR01's privilege the administrator enters:

TSS REVOKE(USR01) DB2COLL(FACCT) ACCESS(CREATEIN)
TSS ADMIN/DEADMIN

To give FINVCA the ability to assign ownership of collections to permit users to access collections within his scope, and audit the use of collections owned by the division, the administrator enters:

TSS ADMIN(FINVCA) DB2COLL(OWN,XAUTH,INFO)

To remove FINVCA's authority for collections the administrator enters:

TSS DEADMIN(FINVCA) DB2COLL(OWN,XAUTH,INFO)
TSS WHOHAS

To determine who has access to the collection FACCT, the administrator enters:

TSS WHOHAS DB2COLL(FACCT)

CA Top Secret will respond by displaying all of the ACIDs that have access to this particular collection.

TSS WHOOWNS

To determine who owns the collection, the administrator enters:

TSS WHOOWNS DB2COLL(FACCT)