Hi,
I would like to learn about TSS/DB2 fallback scenarios. Is there any known/documented way to fallback DB2 internal security,when we give up using TSS Option for DB2? There are some utilities to migrate from native security to TSS/DB2. But is there any utility to be run in the opposite direction? This is one of our concerns implementing TSS/DB2 Option. There can be any reason, that we cannot foresee.
Thank you,
Erdem.
Hello Erdem,
The TSS/DB2 product does have a synchronization utility which was intended to keep the DB2 security catalog in tune with the TSS security database. It would take the contents of the TSS database and build appropriate DB2 GRANT/REVOKE statements to synchronize permissions to the DB2 security catalog. At present there are no Top Secret clients using this utility. This is mostly because the original intent of the utility was to ensure OEM products were able to get correct responses when querying the DB2 security database for things like building menus. To the best of my knowledge those products have altered their interfaces and so the utility no longer fulfills a useful purpose.
Regards,
Frank
Hi Frank,
I remembered it so wrong, as if it was working only one way (from DB2 catalogs to TSS commands) and didn't need to see the books again. Sorry, it was my bad.
Thank you for your explanation.
Erdem,
There are two utilities. The conversion utility which converts from DB2 to TSS and the synchronization utility which goes the other way. I must caution again, however, that this utility has not been used at any TSS client site for a long time. If this is a path that you intend to explore there may be pitfalls along the way.
Regards,Frank