Jim, Should be the userid of either the submitting address space or USER=xxxxxx. Unless there is some other funky exit playing about with the ACEE. One way to find it is that the OPERCMDS MVS.UNKNOWN UACC(READ) will be used to authorize the command from the MVS side before it even gets to DB2 which might make it easier to find. Then you can go about making the proper GRANT in DB2 or associating the proper GROUP with the right User ID. Or if feeling more adventurous, converting all DB2 security into the security product.
Hopefully that helps some, Rob Schramm Sirius Computer Solutions ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html