Required Permissions

Configure system accounts with the permissions required to support connector operations.

Permissions Management

Permissions are assigned to accounts and groups as Direct Permissions during account and entitlement aggregation. The connector supports the following permissions:

table
database
schema, index
view
package
method
tablespace
function
procedure

Procedure to Create Service User

Based on the operating system, perform the respective procedures in the section.

IBM DB2 Enterprise Server Permissions

For IBM DB2 Enterprise Server version 10.1 and 10.5:

The Administrator login must have the SYSADM (Authority) as the minimum privilege and must be able to perform the following operations on DB User and Roles:

Search
Create
Update
Delete

Note
To run the CREATE ROLE rolename and DROP ROLE rolename query in the following DB2 versions, the respective specified authorities are required: 10.1 and 10.5: SECADM, SYSCTRL, or SECADM authority

For IBM DB2 Enterprise Server version 11.1:

Connect to the database with administrator user using command:

db2 connect to <DATABASE>
Grant the following Privileges:

GRANT DBADM ON DATABASE TO USER <SERVICE_USER>; GRANT SECADM ON DATABASE TO USER <SERVICE_USER>; GRANT ACCESSCTRL ON DATABASE TO USER <SERVICE_USER>; GRANT DATAACCESS ON DATABASE TO USER <SERVICE_USER>;
Grant the following Roles:

GRANT SYSTS_ADM to <SERVICE_USER>;
Create the source using the Service User as the user and specify the database.

Feedback is provided as an informational resource only and does not form part of SailPoint's official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.


	You are here:

Required Permissions

Permissions Management

Procedure to Create Service User

IBM DB2 Enterprise Server Permissions

Documentation Feedback