DB2 – Behavior when users are dropped from OS level

-
This is to discuss the behavior of db2 when users (Who are granted database authorities) are dropped from OS level.
Check the current users and their authorities granted.














 

Add a new user and grant some authorities then drop the user
















Now recheck the authorities still the user is defined in database and the authorities are there. In most cases this will not be an issue practically as default authentication can not happen since the user is dropped from OS level.
















Anyways you will have to revoke the authorities manually if you want to remove them.
And if you ever needed to remove this type of entries from database (Happened to me.. Didn’t work saying “it will not affect anythingL”) below script will find those users and any objects that they have the ownership.
On UNIX, DB2 => 9
 . ~/.profile  
 cat /etc/passwd | awk 'BEGIN { FS = ":" } ; { print $1 }' | sort > os_user.out  
 ##function_1  
 db2 "list db directory"|grep -ip Indirect| grep -ivp toolsdb|awk '/Database alias/{print $NF}' > list  
 a=`cat list`  
 for i in $a  
 do  
 db2 "connect to $i"  
 db2 "export to auths_$i.tmp of del modified by nochardel select lcase(grantee) from syscat.dbauth"  
 cat auths_$i.tmp | awk '{print $1}' | sort > sort_auths_$i.csv  
 comm -2 -3 sort_auths_$i.csv os_user.out | awk '{print $1}' | sort > diff_$i.txt  
 b=`cat diff_$i.txt`  
 for j in $b  
 do  
 na=`db2 -x "SELECT rtrim(substr(current server,1,8)) FROM SYSIBM.SYSDUMMY1 WITH UR"`  
 db2 "SELECT SUBSTR(OWNER,1,10) AS OWNER, OWNERTYPE,SUBSTR(OBJECTNAME,1,30) AS OBJECTNAME,SUBSTR (OBJECTSCHEMA,1,10) AS OBJECTSCHEMA, OBJECTTYPE FROM SYSIBMADM.OBJECTOWNERS WHERE LCASE(OWNER)='$j'" > objects_$na$j.usr  
 done  
 done  
 rm -rf *.out *.tmp list


Comments

Post a Comment

Popular posts from this blog

ORA-16433: The database or pluggable database must be opened in read/write

-
Image
ORA-16433 is an error returned when a database cannot be opened. This can be a result of multiple conditions including, The inconsistency of the database Physical corruption Loss of dependent files or access issues etc.. More often than not the solution is to recover from available backups, but there can be situations where backups are not available, specially on UAT or Test setups. Although not the ideal scenario, in this type of situation you might want to open the databases even with inconsistency.  In Comes --> _ALLOW_RESETLOGS_CORRUPTION First, if you are in a position to use _ALLOW_RESETLOGS_CORRUPTION=TRUE, that means it has to be a critical moment, and when you come across more ora- errors while you are trying to reopen the databsae, that can be annoying. Note - _ALLOW_RESETLOGS_CORRUPTION=TRUE must only be used after Oracle support confirmation as a last resort. Also make sure to take cold backup before proceeding. Basic steps to be followed to resolve ORA 16433 after
Read more

Wait for unread message on broadcast channel - Blocking Sessions

-
Image
What is Wait for unread message on broadcast channel wait event? Wait for unread message on broadcast channel is a wait event where source destination communication is involved and the database is waiting for a reply from remote party. Mostly this wait is seen related to data pump export (expdp) or import (impdp) operations. Although categorized in idle wait class "Wait for unread message on broadcast channel" can become the blocking session for some other sessions. Common causes for stuck sessions waiting on this wait event includes, Broken databases links, where remote database is not responding. Abnormally killed remote processes causing the sessions to wait. When a session is waiting on "Wait for unread message on broadcast channel" it can become a blocking session for dependent sessions. Most probably these sessions will be waiting on "library cache pin" or related concurrency wait events. The blocking_session column of (g)v$session view
Read more

ORA-14126 - While splitting max value partition

-
Oracle version -- Oracle 9i to 11g While splitting partitions, SQL> alter TABLE ARBOR.CDR_BILLED split PARTITION CDR_BILLED_MAXVALUE at (TO_DATE('2014-09-01 00:00:00', 'SYYYY-MM-DD HH24:MI:SS', 'NLS_CALENDAR=GREGORIAN')) into (partition CDR_BILLED_01SEP14,partition CDR_BILLED_MAXVALUE) TABLESPACE "C01_CDR_BILL" update global indexes; 2 into (partition CDR_BILLED_01SEP14,partition CDR_BILLED_MAXVALUE) TABLESPACE "C01_CDR_BILL" update global indexes * ERROR at line 2: ORA-14126: only a <parallel clause> may follow description(s) of resulting partitions 4:58:56 PM The reason for above error is while splitting max value partition, it is not allowed to explicitly provide a tablespace. The splitted partition will be reside on the same tablespace as the max value partitions. Below can be used without the tablespace clause to split the max value partition, alter TABLE ARBOR.CDR_BILLED split PARTITION CDR_BILLED_
Read more