Previous Topic: DB2PKGNext Topic: DB2PROC

Protecting ResourcesDB2PLAN

DB2PLAN

Description

Identifies DB2 plans.

TSS Commands

The following TSS commands can be used with the DB2PLAN keyword: CREATE, DELETE, ADDTO, REMOVE, PERMIT, REVOKE, ADMIN, DEADMIN, WHOOWNS, WHOHAS.

TSS ADDTO or REMOVE

Syntax
TSS ADD(acid) DB2PLAN(plan,plan,plan,...)
Prefix length

2‑8 characters

Capacity of list

1‑5 DB2 plans or prefixes per TSS command.

Authority

Administrators must have DB2PLAN(OWN) authority.

Types

The DB2PLAN keyword is used with the following ACID types: User, Profile, Department, Division, Zone, DCA, VCA, ZCA, LSCA, SCA, MSCA.

TSS PERMIT or REVOKE

Syntax
TSS PER(acid) DB2PLAN(plan prefix(es))
Plan name

2‑8 characters

Capacity of list

1‑5 plans or prefixes per TSS command.

Accesses

The administrator can specify any or all of the following accesses: BIND, EXECUTE, ALL, NONE. The default access is EXECUTE.

Access Controls

The administrator can use any of the following methods to control access to plans: Expiration, Facility, Time/Day, Actions.

Types

The DB2PLAN keyword is used with the following ACID types: User, Profile, DCA, VCA, ZCA, LSCA, SCA, MSCA.

TSS ADMIN or DEADMIN

Syntax
TSS ADMIN(acid) DB2PLAN(authority level(s))
Authority

Administrators can specify any or all of the following authority levels: OWN, XAUTH, AUDIT, INFO, REPORT, ALL.

Types

The DB2PLAN keyword is used with the following ACID types: User, DCA, VCA, ZCA, LSCA, SCA, MSCA.

Examples

TSS ADDTO/REMOVE

To give the Engineering Department (ENGDEPT) ownership of the plan SR19052P the administrator enters:

TSS ADD(ENGDEPT) DB2PLAN(SR19052P)

Ownership of the plan SR19052P is removed by entering:

TSS REMOVE(ENGDEPT) DB2PLAN(SR19052P)
TSS PERMIT/REVOKE

The administrator wants to authorize USRMIKE to bind plan SR19052P. He enters:

TSS PERMIT(USRMIKE) DB2PLAN(SR15092P) ACCESS(BIND)

To revoke USRMIKE's authority to plan SR19052P, he enters:

TSS REVOKE(USRMIKE) DB2PLAN(SR19052P)
TSS ADMIN/DEADMIN

To give administrator ENGDCA the ability to permit users to access plans within his scope, and to use TSSUTIL to monitor security events and violations, he enters:

TSS ADMIN(ENGDCA) DB2PLAN(XAUTH,REPORT)

To remove ENGDCA's authority for plans, the administrator enters:

TSS DEADMIN(SFTVCA) DB2PLAN(XAUTH,REPORT)
TSS WHOHAS

To determine who has access to the plan SR19052P, the administrator enters:

TSS WHOHAS DB2PLAN(SR19052P)

CA Top Secret will respond by displaying all of the ACIDs that have access to this particular plan.

TSS WHOOWNS

To determine who owns the plan SR19052P, the administrator enters:

TSS WHOOWNS DB2PLAN(SR19052P)