pdusrchk (Check the Directory Server for user information)

Function

The pdusrchk command checks whether or not the users registered in HiRDB are registered in the Directory Server. The command outputs the result to the standard output.

When user management is changed from HiRDB to the Directory Server or when users are registered into or deleted from the Directory Server, inconsistencies may occur between the users registered in HiRDB and the users registered in the Directory Server. The pdusrchk command is used to achieve consistency in user information.

Executor

HiRDB administrator

Format

pdusrchk [-k display-target-type]

Options

Specifies the type of information to be displayed. When this option is omitted, the command displays all information.

usr:
Display whether or not the users registered in the dictionary table SQL_USERS are registered in the Directory Server.
rdp:
Display whether or not the users with RDAREA usage privileges that are registered in the SQL_RDAREA_PRIVILEGES dictionary table are registered in the Directory Server.
tbp:
Display whether or not the users with table access privilege that are registered in the SQL_TABLE_PRIVILEGES dictionary table are registered in the Directory Server.

Rules

  1. The pdusrchk command can be executed only while HiRDB is active.
  2. The pdusrchk command must be executed at the server machine that contains the single server or where the system manager is located.
  3. You can execute the pdusrchk command only while you are using the Directory Server linkage facility.
  4. In the pdusrchk command execution environment, set the LANG environment variable that is appropriate to the character codes type specified in the pdsetup command.
  5. To execute the pdusrchk command, place system RDAREAs in open and shutdown-release status.

Notes

  1. Not all users registered in the Directory Server can connect to HiRDB.
  2. When the pdusrchk command is executed, the data dictionary RDAREAs (SQL_USERS, SQL_RDAREA_PRIVILEGES, and SQL_TABLE_PRIVILEGES) are locked.
  3. The following shows the pdusrchk command's return codes:
    0: Normal termination
    8: Abnormal termination
  4. If DIR_SRV in the output format is N, register or delete the user as shown below:
    • When -k usr is specified
      Delete from HiRDB a user who does not have the DBA, schema definition, or audit privilege. Also delete a user from HiRDB who does not need to connect to HiRDB. Register into the Directory Server a user who needs to connect to HiRDB.
    • When -k rdp or -k tbp is specified
      Delete from HiRDB a user who does not need to connect to HiRDB. Register into the Directory Server a user who needs to connect to HiRDB.
  5. When it is executed, the pdusrchk locks the following resources in the SR mode:
    • Dictionary RDAREAs that contains SQL_USERS, SQL_RDAREA_PRIVILEGES, and SQL_TABLE_PRIVILEGES
    • Dictionary tables (SQL_USERS, SQL_RDAREA_PRIVILEGES, and SQL_TABLE_PRIVILEGES)

Output format

Explanation
aa...a:
User ID (up to 8 characters)
b:
Whether or not the user has the DBA privilege:
Y: The user has the DBA privilege.
N: The user does not have the DBA privilege.
c:
Whether or not the user has the schema definition privilege:
S: The user has a schema.
Y: The user has the schema definition privilege.
N: The user does not have the schema definition privilege.
d:
Whether or not the user has the audit privilege:
Y: The user has the audit privilege.
N: The user does not have the audit privilege.
e:
Whether or not the user is registered in the Directory Server:
Y: The user is registered in the Directory Server.
N: The user is been registered in the Directory Server.
Explanation
aa...a:
User ID (up to 8 characters)
bb...b:
RDAREA name (up to 30 characters)
c:
Whether or not the user is registered in the Directory Server:
Y: The user is registered in the Directory Server.
N: The user is been registered in the Directory Server.
Note
If there is no information to be output, the command displays ***** SQL_RDAREA_PRIVILEGES INFORMATION NOTHING *****.
Explanation
a:
Type of user name:
G: Role name
blank: User ID
bb...b:
User ID, or role name (up to 30 characters)
cc...c:
Table name (up to 30 characters)
d:
Whether or not the user has the SELECT privilege:
G: Table owner
Y: The user has the SELECT privilege.
N: The user does not have the SELECT privilege.
e:
Whether or not the user has the INSERT privilege:
G: Table owner
Y: The user has the INSERT privilege.
N: The user does not have the INSERT privilege.
f:
Whether or not the user has the DELETE privilege:
G: Table owner
Y: The user has the DELETE privilege.
N: The user does not have the DELETE privilege.
g:
Whether or not the user has the UPDATE privilege:
G: Table owner
Y: The user has the UPDATE privilege.
N: The user does not have the UPDATE privilege.
h:
Whether or not the user is registered in the Directory Server:
Y: The user is registered in the Directory Server.
N: The user is been registered in the Directory Server.
Note
If there is no information to be output, the command displays ***** SQL_TABLE_PRIVILEGES INFORMATION NOTHING *****.