https://community.qlik.com/t5/Qlik-Replicate/Db2-authorities-needed-on-server/m-p/1677747#M33 <P>Hello Support,</P><P>We are using Attunity Replicate with Db2.&nbsp; Attunity user guide recommends that on Db2 server the Attunity user must have below authorities:</P><P>1. SYSADM or DBADM&nbsp;</P><P>2. DATAACCESS</P><P>In first case SYSADM is highest level authority at Db2 instance level and DBADM is highest authority at database level.</P><P>My understanding&nbsp; is&nbsp; that Attunity only needs the&nbsp; <STRONG>Log Read</STRONG> privilege associated with these two authorities but not the rest which are included in this role which included destructive privilege such as drop tablespace or database.</P><P>In second case DATAACESS authority grants all ( select/update/drop) the privileges on all user tables on schema whereas Attunity needs only read privilege&nbsp; on catalog tables and appropriate&nbsp; user tables.</P><P>Is there any way to limit the extra destructive privilges being granted to Attunity user?</P><P>Thank you.&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Thu, 20 Feb 2020 19:43:30 GMT Attunity_user01 2020-02-20T19:43:30Z https://community.qlik.com/t5/Qlik-Replicate/Db2-authorities-needed-on-server/m-p/1677747#M33 <P>Hello Support,</P><P>We are using Attunity Replicate with Db2.&nbsp; Attunity user guide recommends that on Db2 server the Attunity user must have below authorities:</P><P>1. SYSADM or DBADM&nbsp;</P><P>2. DATAACCESS</P><P>In first case SYSADM is highest level authority at Db2 instance level and DBADM is highest authority at database level.</P><P>My understanding&nbsp; is&nbsp; that Attunity only needs the&nbsp; <STRONG>Log Read</STRONG> privilege associated with these two authorities but not the rest which are included in this role which included destructive privilege such as drop tablespace or database.</P><P>In second case DATAACESS authority grants all ( select/update/drop) the privileges on all user tables on schema whereas Attunity needs only read privilege&nbsp; on catalog tables and appropriate&nbsp; user tables.</P><P>Is there any way to limit the extra destructive privilges being granted to Attunity user?</P><P>Thank you.&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Thu, 20 Feb 2020 19:43:30 GMT https://community.qlik.com/t5/Qlik-Replicate/Db2-authorities-needed-on-server/m-p/1677747#M33 Attunity_user01 2020-02-20T19:43:30Z https://community.qlik.com/t5/Qlik-Replicate/Db2-authorities-needed-on-server/m-p/1680421#M56 <P>Hi Team,<BR />Replicate uses db2readlog api to read the changes from DB2 and IBM documentation says sysadm and dbadm access privileges needed to read the change logs(db2readlog api).<BR />Please find below the IBM documentation link for your reference.<BR /><A href="https://www.ibm.com/support/knowledgecenter/SSEPGG_9.7.0/com.ibm.db2.luw.apdv.api.doc/doc/r0001673.html" target="_blank">https://www.ibm.com/support/knowledgecenter/SSEPGG_9.7.0/com.ibm.db2.luw.apdv.api.doc/doc/r0001673.html</A></P><P>Thanks,<BR />Madhavi</P> Fri, 28 Feb 2020 14:53:23 GMT https://community.qlik.com/t5/Qlik-Replicate/Db2-authorities-needed-on-server/m-p/1680421#M56 Madhavi_Konda 2020-02-28T14:53:23Z