When you create a database, a single usable user ID is also created. By default, the first user ID is DBA, and the password is initially sql (passwords are case sensitive). You can change the name and password of the DBA user using the DBA USER and DBA PASSWORD clauses of the CREATE DATABASE statement or by specifying the dbinit -dba option. See CREATE DATABASE statement, and Initialization utility (dbinit).

The DBA user ID automatically has DBA authority within the database. This level of permission enables DBA users to perform any activity in the database. They can create tables, change table structures, create new user IDs, revoke permissions from users, back up the database, and so on.

DBA authority is not inherited by group membership.

Users with DBA authority

A user with DBA authority becomes the database administrator. References made to the database administrator, or DBA, include any user or users with DBA authority.

Although DBA authority may be granted or transferred to other user IDs, this chapter assumes that the DBA user ID is the database administrator, and that the abbreviation DBA means both the DBA user ID and any user ID with DBA authority.

Adding new users

The DBA has the authority to add new users to the database. As the DBA adds users, they are also granted permissions to perform tasks on the database. Some users may need to simply look at the database information using SQL queries, others may need to add information to the database, and others may need to modify the structure of the database itself. Although some of the responsibilities of the DBA may be handed over to other user IDs, the DBA is responsible for the overall management of the database by virtue of the DBA authority.

The DBA has authority to create database objects and assign ownership of these objects to other user IDs.