The Oracle GoldenGate processes must be assigned a user profile account that is dedicated to Oracle GoldenGate and cannot be used by any other program. One user profile can be used by all of the Oracle GoldenGate processes. This profile need only be granted permission to the objects that Oracle GoldenGate will be operating upon. If specific change data is not to be seen by Oracle GoldenGate, do not include it in any of the journals that the Oracle GoldenGate user profile is allowed to access.

The Manager process must have privileges to control all other Oracle GoldenGate processes (DB2 for i *JOBCTL authority).

Assign *USE authority to all objects on the system that the Extract user profile must have access to. Assign *CHANGE authority to all objects on the system that the Replicat user profile must have access to. This can be accomplished by either granting *ALLOBJ authority to the user, or by setting the individual authority to the objects (FILE, LIBRARY and JOURNAL objects) that the user must access. This includes the objects in the QSYS2 library where the SQL catalog resides. These authorities must be granted through the native DB2 for i interface through a 5250 terminal session or through the DB2 for i Operations Navigator product available from IBM.

The Extract and Replicat database user profiles must be specified with the USERID parameter when you configure the parameter files and in the DBLOGIN command prior to issuing any GGSCI commands that interact with the database.

The Oracle GoldenGate user profile that runs the Extract process needs to have the *USE authority on the QSYS/QPMLPMGT service program.