Portal, V6.1
Create users
This topic provides information on setting up users for DB2 for z/OS to work with WebSphere Portal.
Before you begin: You should have completed Installing DB2 for z/OS.
- Prerequisites
- Installing DB2 for z/OS
- If WebSphere Portal V6.1 and an earlier version of WebSphere Portal coexist, the database user IDs for WebSphere Portal V6.1 must be different than earlier versions to avoid conflicts during installation.
- If you are configuring multiple WebSphere Portal instances to use a single DB2 for z/OS subsystem, create a unique database user for each WebSphere Portal instance. By default all database table names include the name of the database user used to access the data. Therefore, to prevent table name conflicts, create a unique database user for each WebSphere Portal instance on the shared DB2 for z/OS subsystem.
- Take care to create users in an environment that has the same settings as the actual runtime environment. For example, avoid creating a user in an English environment if you plan to use that user in a Turkish environment.
Use the following steps to grant access permissions to the database users. Repeat these steps for each WebSphere Portal instance you are setting up.
- Create all database user IDs in the security product you are using on z/OS. For jcrschema, the database schema name for Content Repository data, create a group and connect it to the database user ID for Content Repository data, jcr. The following sample shows the RACF definition of such a user ID and group, where jcr is the database user ID for Content Repository data, yourDefaultUserGroup is your default RACF group for database user IDs, jcrschema is the database schema name for Content Repository data, and yourDefaultGroup is your default RACF group for groups. If you have some other security product such as Top Secret or ACF2 instead of RACF, translate the sample RACF definition into the appropriate syntax before executing.
ADDUSER jcr DFLTGRP(yourDefaultUserGroup) NAME('WAS DB2 ACCESS USER') PW USER(jcr) NOINTERVAL ALU jcr PASSWORD(********) NOEXPIRED ADDGROUP jcrschema SUPGROUP(yourDefaultGroup) CONNECT jcr GROUP(jcrschema)- Run the following SQL statements using a tool like SPUFI while logged on to the DB2 subsystem to grant appropriate rights on the newly created databases. If you are configuring multiple WebSphere Portal instances to use a single DB2 for z/OS subsystem, be sure to use the database user associated with the WebSphere Portal instance you are setting up.
GRANT DBADM ON DATABASE releasenameonzos TO releaseusr WITH GRANT OPTION; GRANT USE OF ALL BUFFERPOOLS TO releaseusr; GRANT DBADM ON DATABASE communitynameonzos TO communityusr WITH GRANT OPTION; GRANT USE OF ALL BUFFERPOOLS TO communityusr; GRANT DBADM ON DATABASE customizationnameonzos TO customizationusr WITH GRANT OPTION; GRANT USE OF ALL BUFFERPOOLS TO customizationusr; GRANT DBADM ON DATABASE jcrdbnameonzos TO jcr WITH GRANT OPTION; GRANT USE OF ALL BUFFERPOOLS TO jcr; GRANT DBADM ON DATABASE fdbkdbnameonzos TO feedback WITH GRANT OPTION; GRANT USE OF ALL BUFFERPOOLS TO feedback; GRANT DBADM ON DATABASE lmdbnameonzos TO lmdbusr WITH GRANT OPTION; GRANT USE OF ALL BUFFERPOOLS TO lmdbusr; GRANT SELECT ON SYSIBM.SYSCOLUMNS TO releaseusr; GRANT SELECT ON SYSIBM.SYSCOLUMNS TO communityusr; GRANT SELECT ON SYSIBM.SYSCOLUMNS TO customizationusr; GRANT SELECT ON SYSIBM.SYSTABLES TO releaseusr; GRANT SELECT ON SYSIBM.SYSTABLES TO communityusr; GRANT SELECT ON SYSIBM.SYSTABLES TO customizationusr; GRANT SELECT ON SYSIBM.SYSCOLUMNS TO jcr; GRANT SELECT ON SYSIBM.SYSTABLES TO jcr; GRANT SELECT ON SYSIBM.SYSCOLUMNS TO fdbkdbusr; GRANT SELECT ON SYSIBM.SYSTABLES TO fdbkdbusr; GRANT SELECT ON SYSIBM.SYSCOLUMNS TO lmdbusr; GRANT SELECT ON SYSIBM.SYSTABLES TO lmdbusr; GRANT SELECT ON SYSIBM.SYSFOREIGNKEYS TO releaseusr; GRANT SELECT ON SYSIBM.SYSFOREIGNKEYS TO communityusr; GRANT SELECT ON SYSIBM.SYSFOREIGNKEYS TO customizationusr; GRANT SELECT ON SYSIBM.SYSFOREIGNKEYS TO jcr; GRANT SELECT ON SYSIBM.SYSFOREIGNKEYS TO fdbkdbusr; GRANT SELECT ON SYSIBM.SYSFOREIGNKEYS TO lmdbusr; GRANT SELECT ON SYSIBM.SYSRELS TO releaseusr; GRANT SELECT ON SYSIBM.SYSRELS TO communityusr; GRANT SELECT ON SYSIBM.SYSRELS TO customizationusr; GRANT SELECT ON SYSIBM.SYSRELS TO jcr; GRANT SELECT ON SYSIBM.SYSRELS TO fdbkdbusr; GRANT SELECT ON SYSIBM.SYSRELS TO lmdbusr; GRANT USE OF STOGROUP jcrstogroup TO jcr; GRANT CREATEIN, DROPIN ON SCHEMA jcrschema TO jcr; GRANT SELECT ON SYSIBM.SYSTABLESPACE TO jcr; GRANT SELECT ON SYSIBM.SYSVIEWS TO jcr; GRANT SELECT ON SYSIBM.SYSDUMMY1 TO jcr; GRANT SELECT ON SYSIBM.SYSTRIGGERS TO jcr; GRANT SELECT ON SYSIBM.SYSINDEXPART TO jcr; GRANT SELECT ON SYSIBM.SYSINDEXES TO jcr; GRANT SELECT ON SYSIBM.SYSSYNONYMS TO jcr;where:
- releasenameonzos, communitynameonzos, customizationnameonzos, and releaseusr, communityusr, customizationusr represent the databases and database users, respectively, of the WebSphere Portal instance you are setting up. (These users must be created on the host system.)
- jcrdbnameonzos and jcr are the database and database user, respectively, for Content Repository data.
- fdbkdbnameonzos and feedback are the database and database user, respectively, for Feedback data.
- lmdbnameonzos and lmdbusr are the database and database user, respectively, for Likeminds data.
- jcrschema is the database schema name for Content Repository data.
- Grant the necessary access rights to all users who might require them. Depending on the architecture that you choose, these users might include Java Content Repository and Feedback users.
Parent topic
Configure WebSphere Portal to use DB2 for z/OS
Previous topic:
Installing DB2 for z/OSNext topic:
Creating remote databases