The DBA privilege is required in order to grant and revoke DBA privileges, CONNECT privileges, and schema definition privileges. It permits the following actions:

• Granting DBA privileges, CONNECT privileges, and schema definition privileges to other people
• Revoking DBA privileges, CONNECT privileges, and schema definition privileges granted to other people
• Defining other users' schemas
  Defining a schema allows the schema owner to define base tables, view tables, indexes, abstract data types, foreign tables,¹ foreign indexes,¹ stored procedures, stored functions, and triggers.
  
• Deleting other users' schemas, base tables, view tables, indexes, abstract data types, foreign tables,¹ foreign indexes,¹ stored procedures, stored functions, and triggers
• Defining items related to the connection security facility
• Connecting to HiRDB (CONNECT privilege holders²)
• Defining and modifying foreign servers¹
• Defining user mapping¹

¹ Operation that can be performed when using HiRDB External Data Access. For details about HiRDB External Data Access, see HiRDB External Data Access Version 8.

² The CONNECT privilege is not needed to use the Directory Server linkage facility. For details about the Directory Server linkage facility, see Section 2.3 Linkage to directory server products.

This privilege is required for auditors. This privilege allows a user to perform the following actions:

• Accessing audit trail tables
• Loading data to audit trail tables
• Granting and revoking the SELECT privilege to audit trail tables
• Deleting audit trail tables
• Changing auditor passwords
• Defining and deleting audit events
• Swapping audit trail files

To use the security audit facility, you need to set the audit privilege. For details about the security audit facility, see 9.2 Security audit facility.

The CONNECT privilege is required in order to use HiRDB. This privilege permits a user to connect to the database. An attempt to connect to the database by a user who does not have the CONNECT privilege results in an error.

Using the Hitachi Directory Server linkage facility

When user information (user ID and password) is registered into the Directory Server, the CONNECT privilege is granted to the user. For details about the Directory Server linkage facility, see Section 2.3 Linkage to directory server products.

The schema definition privilege is required in order to define a schema. This privilege permits a user to take the following actions:

• Defining the user's own schema
  Defining a schema allows the schema owner to define base tables, view tables, indexes, abstract data types, foreign tables,^* foreign indexes,^* stored procedures, stored functions, and triggers.
  
• Deleting the user's own schemas, base tables, view tables, indexes, abstract data types, foreign tables,^* foreign indexes,^* stored procedures, stored functions, and triggers

^* Operation that can be performed when using HiRDB External Data Access. For details about HiRDB External Data Access, see HiRDB External Data Access Version 8.

The RDAREA usage privilege is required in order to use an RDAREA. This privilege permits a user to define tables and indexes in the RDAREA to which the privilege applies. An RDAREA for which the RDAREA usage privilege is granted by specifying an authorization identifier is called a private user RDAREA, and an RDAREA for which the RDAREA usage privilege is granted by specifying PUBLIC is called a public user RDAREA.

An access privilege is required in order to access a table. Only those users who have an access privilege are allowed to access a table. Access privileges are set for each table. The types of access privilege are listed in Table 9-1.

Table 9-1 Access privilege types