Authorities: database-type specific notes

DB2 notes

• For DB2/UDB, when you are displaying users you will have another column in the grid - Type. This is U (for user) or G (for group). DB2/UDB needs to know whether the identifier is for a user or a group.
• For DB2, when you are granting object access to a list of users, you can add another user to the grid (the grid will have an insert-row at the bottom). This allows you to grant authorities to a new user. For DB2/UDB you will have to specify the Type (user/group) of this new user.

SQL Server notes

• The owner of an object and the dbo user have implicit authority on an object. If you grant authority to these users, those authorities will not show in the Authorities grid when it is refreshed. This can be very confusing.
• Application roles cannot have members assigned to them (unlike other roles). If you try to do this, you will get the message The role does not exist in the current database.

Sybase Enterprise notes

Sybase will not record that a user has access to a table, if this access has already been granted to the user's group.

For instance, if:

• the group has select authority on a table
• you grant select and update authority on the table to the user
• a refresh of the Authorities grid will show that the user only has update authority on the table

This can be confusing for the novice DBA!

Informix notes

You cannot grant authorities on objects owned by someone other than yourself, unless you use the Grantor option. The Grantor option can only be done by a user with DBA authority.

If you try and grant authority on another user's tables, you will get the message No GRANT option or illegal option on multi-table view (which, in our opinion, doesn't describe what the problem is).

Pervasive.SQL notes

• you cannot grant authorities to Views
• when granting access to a table, you may get the message The owner name is invalid. This means that the table is password protected. The password is (misleadingly) called an owner in several places in Pervasive. You will need to specify the password with the Grant command. AQT doesn't provide an option to do this.
• when granting access to a table, you may get the message Cannot grant synonym privileges.This happens when the user is a member of a group; you should grant access to the group rather than the user.