1. The IBM Db2 v12 documentation (Source: SQLADM - IBM Documentation) defines the following:
With the SQLADM authority, you have implicit SELECT access on all the catalog tables and implicit INSERT, DELETE, and UPDATE privileges
on updatable catalog tables (except SYSIBM.SYSAUDITPOLICIES).
2. A User ID has SQLADM defined. However, when it tries to perform an insert to an up-datable catalog table, the following error is observed.
ACF04056 ACCESS TO RESOURCE DBIASYSIBM.IPNAMES TYPE DTBL BY USER01 NOT AUTHORIZED
It seems that despite having SQLADM granted in ACF2, Db2 will still issue a call to ACF2 to verify the DTBL permission.
Which then gets denied by ACF2 because the userid does not have the required privileges on this table.
Confirm that the DTBL privileges will be verified for any modification attempt to the catalog despite having the SQLADM privilege assigned?
Release : 1.3
Component : ACF2 Option for Db2
User doesn't have access to SQLADM.
The ACF2 / DB2 access RULE is verified and not the DB2 CATALOG access.
Add a rule :
$KEY(SQLADM) SYSID(DBIA) TYPE(SYS)
...................to get past the condition.