A prerequisite for the development of a SESAM/SQL database is that the system user ID of an authorized person is specified in the DBH option ADMINISTRATOR. This entry authorizes the relevant BS2000 user to issue the utility statement CREATE CATALOG.
When a database is created with the utility statement CREATE CATALOG, a system entry (among other things) is generated and is stored in the database's catalog space: the database administrator specifies an authorization identifier in the USER clause in CREATE CATALOG and assign the key to a system user ID. Normally, the system user ID and the associated CREATE CATALOG authorization are used (i.e. the system user ID specified in the DBH option ADMINISTRATOR).
The system entry defined with CREATE CATALOG is the database's first system entry and identifies the so-called “universal user”. The universal user is equipped with comprehensive rights that allow him to set up additional users and assign privileges. The universal user can be seen as a central agency that holds all rights, particularly those associated with the SESAM/SQL database, and can assign these rights freely to other users.
The universal user assigns these rights by the following means:
Creation of new SQL users (see the section that follows).
Assignment of special privileges to new SQL users (see section “Access protection based on privileges in SQL”)