How to resolve a -554, ERROR: AN AUTHORIZATION ID OR ROLE CANNOT GRANT A PRIVILEGE TO ITSELF error message.

book

Article ID: 19505

calendar_today

Updated On:

Products

CA RC/Migrator CA Endevor SCM Interface DB2 Administration CA RC Compare for DB2 for z/OS CA RC Extract for DB2 for z/OS CA RC/Query CA RC Secure for DB2 for z/OS CA RC Update for DB2 for z/OS

Issue/Introduction

Description:

The user is RC/Secure SECADM. User is trying to give this privilege to another USER ID he has which is tied to the primary one.

The following message gets generated:


DSNT408I SQLCODE = -554, ERROR:  AN AUTHORIZATION ID OR ROLE CANNOT      
        GRANT A PRIVILEGE TO ITSELF                                     
DSNT418I SQLSTATE   = 42502 SQLSTATE RETURN CODE                         
DSNT415I SQLERRP    = DSNXA07 SQL PROCEDURE DETECTING ERROR              
DSNT416I SQLERRD    = -120  0  0  -1  0  0 SQL DIAGNOSTIC INFORMATION    
DSNT416I SQLERRD    = X'FFFFFF88'  X'00000000'  X'00000000'              
        X'FFFFFFFF'  X'00000000'  X'00000000' SQL DIAGNOSTIC            
        INFORMATION                                                     
        SQL error in PLAN AUTHPLAN in DBRM CSAAUCMO statement     331   

SQL error in PLAN AUTHPLAN in DBRM CSAAUCMO statement 331

An authorization ID cannot grant a privilege to itself.

Solution:

SET CURRENT RULES = 'STD' which will specify whether certain SQL statements

are executed in accordance with DB2 rules or the rules of the SQL.

An example is:


SET CURRENT RULES = 'STD';                                                     
SET CURRENT SQLID = A36467D;                                                   
GRANT EXECUTE ON PLAN RSPMPLAN TO A36467D;                                     
SET CURRENT RULES = 'DB2'; 

Another option would be to SET CURRENT SQLID = xxxxx (where xxxxx is another ID).

Environment

Release: ENDV2A00200-14.5-Endevor-SCM Interface-for DB2 for z/OS
Component: