ASA Database Administration Guide
Working with Database Files
Using the utility database
Utility database server security
A level of security is provided for the ability to execute certain administration tasks. The -gu
database server option controls who can execute the file administration statements.
There are four levels of permission for the use of file administration statements. These levels include: all, none, DBA, and utility_db. The utility_db level permits only a person with authority to connect to the utility database to use the file administration statements.
-gu option | Effect | Applies to |
---|---|---|
All | Anyone can execute file administration statements | Any database including utility database |
None | No one can execute file administration statements | Any database including utility database |
Dba | Only DBA-authority users can execute file administration statements | Any database including utility database |
Utility_db | Only the user who can connect to utility database can execute file administration statements | Only the utility database |
For more information on the database server -gu
option, see -gu server option.
To prevent the use of the file administration statements, start the database server using the none permission level of the -gu
option. The following command starts a database server and names it TestSrv. It loads the sample database, but prevents anyone from using that server to create or delete a database, or execute any other file administration statement regardless of their resource creation rights, or whether or not they can load and connect to the utility database.
dbsrv9.exe -n TestSrv -gu none asademo.db
To permit only the users knowing the utility database password to execute file administration statements, start the server at the command prompt with the following command.
dbsrv9 -n TestSrv -gu utility_db
Assuming the utility database password has been set during installation to asa, the following command starts the Interactive SQL utility as a client application, connects to the server named TestSrv, loads the utility database, and connects the user.
dbisql -c "uid=DBA;pwd=asa;dbn=utility_db;eng=TestSrv"
Having executed the above statement successfully, the user connects to the utility database, and can execute file administration statements.