Filter
Top Products
Role separation provides increased database security because the database server
splits administrative tasks into mutually exclusive roles. If you do not enable role
separation, the Informix-Admin group performs all administrative tasks. For
detailed information about the role separation feature, see the IBM Informix Security
Guide.
You cannot turn off role separation after you enable it. To remove role separation
from your system, you must use the uninstaller to remove all database instances
and related files. and then reinstall the database server without role separation.
If you choose to enable role separation during installation, you are prompted to
create groups and users and add the users to the corresponding groups.
Table 1-1. Role Separation
Default Group Name Role Category Role Definition
Informix-Admin General Database
Administration
Performs general administrative tasks,
such as archiving and restoring data,
monitoring use and performance, and
tuning the system.
ix_dbsso Database System
Security Officer
Maintains the security of the database
server. Functions of this role include
audit adjustment and changing security
characteristics of storage objects. Creation
of this user role requires selection of a
password during installation.
ix_aao Auditing Analysis
Officer
Audits the records of specific types of
database activities. If someone attempts
to circumvent or corrupt the security
mechanism of the database, these actions
can be traced. Creation of this user role
requires selection of a password during
installation.
ix_users Database Users Accesses the database to perform
end-user tasks. Only users who are
designated as members of the ix_users
group can access the database.
During installation, you can replace these default users and groups with existing
users or groups.
Installation Directory
The drive on which the directory exists must be formatted using NTFS. You do not
need to create the directory before installation. IBM Informix software refers to this
installation directory as %INFORMIXDIR%, and often the INFORMIXDIR
environment variable is set to this directory. The installation application suggests a
default %INFORMIXDIR% path, which you can change by typing a different
path.
Choosing between Local and Domain Installations
You can install locally or in a domain.
Chapter 1. Preparing to Install IDS (Windows) 1-9