Limited support BMC provides limited support for this version of the product. As a result, BMC no longer accepts comments in this space. If you encounter problems with the product version or the space, contact BMC Support.BMC recommends upgrading to the latest version of the product. To see documentation for that version, see BMC AMI Catalog Manager for Db2 13.1.

Revoking privileges

Catalog Manager

 cannot be used to circumvent the Db2 rules for controlling access to data.

Rules for revoking authorizations can be summarized as follows:

  • Authorizations can be revoked only by a user ID with SYSADM or SYSCTRL authority, or by the user ID that granted the authorization.
  • Authorizations that are granted implicitly cannot be revoked. For example, you cannot revoke the authorization to create a table from a user ID with DBADM authority because creating tables is a privilege that is implicitly available to DBADM authority.
  • User IDs cannot revoke authorizations from themselves.
  • No user ID (including those with SYSADM or SYSCTRL authority) can revoke privileges on a Db2 resource from the creator of the resource.
  • Replicate authorizations that were granted to the same user ID from more than one grantor remain effective until revoked by each grantor.

This section contains the following topics:

Related topic

Managing-authorizations

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*