Using BindOwner and a pre-bound plan
This method has the following requirements:
- The user ID that runs High-speed Apply Engine (userid01) must have:
- EXECUTE privilege on a specific pre-bound plan
- BINDAGENT authority
To be validated at run time, the plan must have been previously bound by a different user ID (userid02) with appropriate privileges.
For a sample BIND command, see BindAction.
- userid02 must have BINDADD authority, and one of the following statuses:
- PACKADM authority
- CREATE privileges on all packages (*)
- CREATE privileges on a specific collection or list of collections that is designated for use by High-speed Apply Engine
- The apply request must specify the following parameter values:
Parameter | Value | Reference |
|---|---|---|
BindAction | Use | |
BindOwner | User ID that bound the plan | |
CollectionID | Name of the High-speed Apply Engine collection | |
PlanName | Name of the specific prebound plan |
Authorization examples for using a pre-bound plan
The examples in this section show the authorizations that are normally granted during and after installation. The authorizations that you grant depend on your own security policies.
For definitions of the variables shown in these examples, see Db2-authorizations-for-plans-packages-and-collections.
The following example shows the authorizations that provide access to the High-speed Apply Engine plan and restart table. These authorizations are normally granted during installation:
GRANT EXECUTE ON PACKAGE BMCAPT.APTREB2 TO userid01;
The following example shows additional authorizations that are required to run High-speed Apply Engine. These authorizations are normally granted after installation:
tableNames TO userid01;
GRANT EXECUTE ON PLAN userPlan01 TO userid01;
GRANT BINDAGENT TO userid01;
GRANT BINDADD TO userid02;
GRANT PACKADM ON COLLECTION collectionIDs TO userid02;
or
GRANT CREATE ON COLLECTION collectionIDs TO userid02;