Personal tools
You are here: Home DB2 How To's Checking the privileges, authorities and authorizations
Log in

Forgot your password?
Document Actions

Checking the privileges, authorities and authorizations

How to find on System Catalog Views the authorities, privileges and authorizations for a specific user on database

You have to connect to a database for using the System Catalog Views.

After to connect on database perform the following command.

db2 list tables for schema syscat | grep -i auth

All authorities, privileges and permissions are listed below.

System Catalog
SYSCAT.DBAUTH Lists the database privileges
Lists the table and view privileges
Lists the column privileges
Lists the package privileges
Lists the index privileges
Lists the schema privileges
Lists the server privileges
SYSCAT.ROUTINEAUTH Lists the routine (functions,
methods, and stored procedures) privileges

How to search authorities , privileges and permissions that user XXX has on database

db2 "describe table SYSCAT.DBAUTH"

The output is following.

Column                         Type              Type
name                           schema           name                  Length     Scale Nulls
------------------------------ --------- ------------------ --------   -----           ------
GRANTOR                        SYSIBM       VARCHAR                 128     0 No
GRANTEE                        SYSIBM       VARCHAR                 128     0 No
GRANTEETYPE                 SYSIBM      CHARACTER                 1      0 No
DBADMAUTH                    SYSIBM     CHARACTER                 1      0 No
CREATETABAUTH             SYSIBM     CHARACTER                 1      0 No
BINDADDAUTH                 SYSIBM     CHARACTER                 1      0 No
CONNECTAUTH                SYSIBM     CHARACTER                 1      0 No
NOFENCEAUTH                 SYSIBM     CHARACTER                1      0 No
IMPLSCHEMAAUTH           SYSIBM     CHARACTER                 1      0 No
LOADAUTH                       SYSIBM     CHARACTER                 1      0 No
QUIESCECONNECTAUTH        SYSIBM    CHARACTER            1      0 No
LIBRARYADMAUTH                  SYSIBM    CHARACTER            1      0 No
SECURITYADMAUTH                SYSIBM    CHARACTER            1     0 No

To know more about each column go to URL: and do a search using SYSCAT.DBAUTH.

The following SQL select is to  find which are the permissions user 'XXX'  has on Database.

db2 "select * from SYSCAT.DBAUTH  where GRANTEE = 'XXX' "

Security for databases
Which solution database auditing and protection do you use?