IBM Support

IMPORT failure gives misleading message

Technote (troubleshooting)


Attempts to IMPORT command using IBM DB2 results in an error SQL0551N "Insufficient privilege to perform operation "LOCK" on object "


When doing IMPORT command user may receive the "SQL0551N" SQL error message and the similar record could be found in the db2diag.log with misleading message saying that TESTUSER doesn't have
LOCK privilege.

1900-01-01- I1392553A549 LEVEL: Error
PID : 1 TID : 1 PROC : db2bp
APPID : *LOCAL.db.000000000
FUNCTION: DB2 UDB, database utilities, sqluCheckSqlcode, probe:1881
MESSAGE : SQL0551N "TESTUSER" does not have the required authorization
privilege to perform operation "LOCK" on object
DATA #1 : String, 12 bytes
DATA #2 : String, 44 bytes
Error from Import/Export or Load Processing.


This happens because original requirements to grant needed privileges to the user doing IMPORT command wasn't met. The LOCK privilege is implicit privilege and is a part of SELECT
privilege. You can't grant LOCK directly with GRANT command, you can only grant it when you grant SELECT privilege.
During IMPORT operation DB2 doesn't need to fetch any rows from target table, it only needs to lock table to prevent any other activities (thus DB2 checks if USER id has LOCK privilege which is an part of SELECT authority).

Diagnosing the problem

If you have encountered an error SQL0551N "Insufficient privilege to perform operation "LOCK" on object " during IMPORT command that means that you didn't grant SELECT privilege to the user id executing IMPORT command.

Resolving the problem

Check that ALL needed privileges (SELECT, UPDATE, DELETE, CREATETAB) were granted to the TESTUSER as described in DB2 Documentation.

Document information

More support for: DB2 for Linux, UNIX and Windows
Data Movement - Import

Software version: 9.5, 9.7, 9.8, 10.1

Operating system(s): AIX, HP-UX, Linux, Solaris, Windows

Reference #: 1626307

Modified date: 22 February 2013