J
johngood
Guest
Hi, Thanks for the information. I was not previously setting the users up with select access against sysibm.syspackage. I was not aware it was a requirement. Your question: " Are all your users in the PUBLIC schema? " - I'm not sure what you are trying to distinguish. (That I know of) If a privilege doesn't exist for a specific user, then that user would pick up any privileges granted to public. However, I cleaned up, bind the packages with the job, granted execute against the packages and select against sysibm.syspackage. I still get the bind auth error I collected trace, here is the file (See attached file: odbctrace01.out) Here are the details of what I did: To start clean: I removed all of the privileges I had previously granted for the users, dropped the packages. Then, I re-ran the BIND job, binding the packages and granting execute to public. (results below) G Package H B E C Sel Grantor Grantee T Collection Name Grant Timestamp G D X O JGOOD* * * * * * * * * * --- -------- -------- - ------------------ -------- ------------------- - - - - JGOOD PUBLIC NULLID DDOC510A 2018-07-13-20.32.48 Y JGOOD PUBLIC NULLID DDOC510B 2018-07-13-20.32.48 Y JGOOD PUBLIC NULLID DDOC510C 2018-07-13-20.32.48 Y JGOOD PUBLIC NULLID DDOU510A 2018-07-13-20.32.48 Y JGOOD PUBLIC NULLID DDOU510B 2018-07-13-20.32.48 Y JGOOD PUBLIC NULLID DDOU510C 2018-07-13-20.32.48 Y JGOOD PUBLIC NULLID DDOR510A 2018-07-13-20.32.48 Y JGOOD PUBLIC NULLID DDOR510B 2018-07-13-20.32.48 Y JGOOD PUBLIC NULLID DDOR510C 2018-07-13-20.32.48 Y JGOOD PUBLIC NULLID DDOS510A 2018-07-13-20.32.48 Y JGOOD PUBLIC NULLID DDOS510B 2018-07-13-20.32.48 Y JGOOD PUBLIC NULLID DDOS510C 2018-07-13-20.32.48 Y JGOOD PUBLIC NULLID DDON510A 2018-07-13-20.32.48 Y JGOOD PUBLIC NULLID DDON510B 2018-07-13-20.32.48 Y JGOOD PUBLIC NULLID DDON510C 2018-07-13-20.32.48 Y Then, I granted select against syspackage to public odb2 "grant select on SYSIBM.SYSPACKAGE to public" I used a jupyter notebook to verify that the same user that uses the odbc access can select * from sysibm.syspackage Then from a linux system, I setup ODBC trace: [jgood@localhost(192.168.164.223) ~/src/example]$ grep -i trace /opt/SDAP712/odbc.ini Trace=1 TraceFile=/home/jgood/src/example/odbctrace.out TraceDll=/opt/SDAP712/lib/XEtrc27.so TraceOptions=1 - and ran an modified version of example.c that just runs one SQL request ./simple 'DB2 Wire Protocol' zmml01 db2au01 'select count(*) from mlz.churn_cust_sum' ./simple DataDirect Technologies, Inc. ODBC Example Application. connecting to datasource: 'DB2 Wire Protocol', uid: 'zmml01', password: 'db2au01', opt1: '', opt2: '' SQLSTATE = S1000 NATIVE ERROR = -567 MSG = [IBM SPSS][ODBC DB2 Wire Protocol driver][DB2]AUTHORIZATION ERROR BIND ZMML01. DSNXBAC.NULLID.DDOS510A.(01) BINDADD SQLConnect: Retrying Connect. SQLSTATE = S1000 NATIVE ERROR = -567 MSG = [IBM SPSS][ODBC DB2 Wire Protocol driver][DB2]AUTHORIZATION ERROR BIND ZMML01. DSNXBAC.NULLID.DDOS510A.(01) BINDADD SQLConnect: Retrying Connect. SQLSTATE = S1000 NATIVE ERROR = -567 MSG = [IBM SPSS][ODBC DB2 Wire Protocol driver][DB2]AUTHORIZATION ERROR BIND ZMML01. DSNXBAC.NULLID.DDOS510A.(01) BINDADD SQLConnect: Retrying Connect. Regards, John Goodyear z Systems Analytics zChampion WSC z Systems Applied Technologies Herndon, VA johngood@us.ibm.com "Brian Derwart" ---07/13/2018 09:54:44 AM---Update from Progress Community [ INVALID URI REMOVED
Continue reading...
Continue reading...