Tell us more about what you’re trying to do. Are you trying to bypass a restriction?
On Mon, Nov 24, 2025 at 7:07 AM Binyamin Dissen < [email protected]> wrote: > I wanted a drop in solution with just RACF & DB2 commands. Doesn't look > like > it exists. > > On Sun, 23 Nov 2025 23:10:10 -0600 Jon Perryman <[email protected]> > wrote: > > :>On Mon, 24 Nov 2025 00:40:47 +0200, Binyamin Dissen < > [email protected]> wrote: > > :>>DB2 query - is there a way to give a specific permission for a user to > SET > :>>CURRENT SQLID to another user without special privileges? Something > thru the > :>>surrogate class? > > :>I researched (never implemented) this for a project and found that DB2 > secondary authorization id's are implemented through a DB2 user exit. Maybe > someone has used it but if not, the doc is > https://www.ibm.com/docs/en/db2-for-zos/13.0.0?topic=applications-using-secondary-ids-sign-requests > > :>I suspect you could implement it using SUROGAT but I suspect there must > be a reason why IBM chose RACF groups. Hopefully someone has some real > experience. > > -- > Binyamin Dissen <[email protected]> > http://www.dissensoftware.com > > Director, Dissen Software, Bar & Grill - Israel > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to [email protected] with the message: INFO IBM-MAIN > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
