Change to Concept of a Super-User (DBA Authority)

In SAP Sybase IQ versions earlier than 16.0, the DBA user was often considered a super-user by virtue of being granted the DBA authority. The DBA user continues to exist in 16.0; however, the concept has changed.

In SAP Sybase IQ versions earlier than 16.0, you created a super-user by granting a user DBA authority. Users with DBA authority can perform any privileged task in the system. When you upgrade your database to 16.0, any users granted DBA authority are granted the equivalent SYS_AUTH_DBA_ROLE compatibility role and become super-users. After migration, the super-user itself must be managed to preserve its super-user abilities.

When you create a new role without specifying an administrator, users with the MANAGE ROLES system privilege (global administrators) can administer the role. Since MANAGE ROLES is one of the system privileges granted to the SYS_AUTH_DBA_ROLE compatibility role, super-users can administer new roles.

However, if you create a new role and assign administrators, administration is then limited to only those administrators; global administrators, and thus super-users, cannot administer the role. You must explicitly assign the super-user as an administrator of the role.
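The two cases above, shown as an added SQL example that is not part of the original documentation. The role names (reporting_role, payroll_role, audit_role), the user hr_admin and its password are hypothetical; DBA stands for the migrated super-user.

```sql
-- Hypothetical role administrator used in this example (placeholder password).
CREATE USER hr_admin IDENTIFIED BY 'Placeholder_Passw0rd';

-- Case 1: no administrator named. Global administrators (users holding
-- MANAGE ROLES, which includes members of SYS_AUTH_DBA_ROLE) can
-- administer this role, so the super-user keeps control of it.
CREATE ROLE reporting_role;

-- Case 2: an administrator is named. Administration is now limited to
-- hr_admin; the super-user can no longer grant or revoke this role.
CREATE ROLE payroll_role WITH ADMIN ONLY hr_admin;

-- Fix for an existing role: run as a current administrator of the role
-- (hr_admin here), because the super-user has no administrative rights
-- over payroll_role and cannot grant them to itself.
GRANT ROLE payroll_role TO DBA WITH ADMIN ONLY OPTION;

-- Preferred for new roles: name the super-user as an administrator
-- at creation time, alongside the delegated administrator.
CREATE ROLE audit_role WITH ADMIN ONLY hr_admin, DBA;
```

WITH ADMIN ONLY gives the grantee administrative rights over the role without membership in it; use WITH ADMIN if the administrator should also exercise the role's privileges.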

You can migrate the SYS_AUTH_DBA_ROLE compatibility role to a user-defined role, and eventually drop it. Since the ability of the super-user to perform any privileged task is dependent on the SYS_AUTH_DBA_ROLE compatibility role, before you drop the SYS_AUTH_DBA_ROLE compatibility role, you must grant the super-user membership in the new user-defined role or grant each of the underlying system privileges directly or indirectly to the super-user.