How to add Existing snowflake user to ORGADMIN - replication

I have created two accounts in two different regions(Us-East & Asia). Now I am trying to do replication of database from US-East to Asia account.
Below are the steps I followed.
US-East
select current_region();
use role accountadmin;
show global accounts;
use role orgadmin;
select system$global_account_set_parameter('SI49837', 'ENABLE_ACCOUNT_DATABASE_REPLICATION', 'true');
show organization
accounts;
alter database DEMO enable replication to accounts fe85487.ap_south_1;
After executing above alter statement I am getting below error.
SQL compilation error: Object 'AP_SOUTH_1' does not exist or not authorized.
I am unable to add existing account(Asia Pacific) to ORGADMIN role.
Can anyone help me how to add existing asia pacific account to ORGADMIN account.

Related

How do i add a User to a Database that is in an always on Availability group?

i have a an always on availability group with one database called Mydb, 1 Primary Replica - MyReplica1 and 1 secondary - MyReplica2 in Async Commit. It is also a readable secondary.
I want to add a new login and map it as DBO in the database Mydb.
Creating the login and mapping in MyReplica1 is fine with no issues.
Creating Login on MyReplica2 is fine but i cannot map it or create the user as i get the error below
Failed to update database "Mydb" because the database is read only. (Microsoft SQL Server, Error: 3906)
Any thoughts on how i can go about this without having to failover to the Secondary just to create the Login.

Database Replication from one region to another region in snowflake

I am following below steps to replicate the database of one region(AWS-us-east) to anoter region(AWS-AP-south). While doing I am getting below error.
I logged into us-east account as a accountadmin role.I tried to replicate the db from primary account to another account.
select current_region();
AWS_US_EAST_2
use role accountadmin;
alter database DEMO enable replication to accounts fe85487.AWS_AP_SOUTH_1;
while doing this I am getting below error.
SQL compilation error: Object 'AWS_AP_SOUTH_1' does not exist or not authorized.
can anyone help me what mistake I did and if possible suggest me the steps to achieve this task

There is already an object named "Test" in the database while adding a role using SP_AddRole in SQL Server 2012

I am trying to add a role in my master database in SQL Server 2016 using below command:
SP_AddRole 'test'
I am getting this error:
There is already an object named "test" in the database.
I have checked expanding Roles in my master database, and I found that there is no Role with name "test" in my master database.
Still I have tried to Drop that Role using below query:
Drop Role 'Test'
I get this error:
Cannot drop the role because it does not exist or you do not have permissions
When I try to alter Role using below query:
Alter Role Add Member "Domain\userName"
I was getting same error as below:
Cannot alter the role because it does not exist or you do not have permissions.
Note: I have all permissions and privileges to SQL Server and master database.
Can someone please suggest what can be done in order to resolve this?
I can't change the name of the role as it is very important for my applications to create a role with this name.
There was an already created SCHEMA in that SQL Server database.
I have deleted that schema
DROP SCHEMA Test
And then below SQL query worked.
SP_AddRole 'Test'
When I create Role, a default schema with same name gets created which was visible when I expand Schemas.
When I try to Drop the Role, I will need to first Drop the schema and then the Role.
Even if the schema with same name(But Role does not) present, SQL Server does not allow me to create new Role with same name.
Reference here

can't read data from a few specific tables with db_datareader role

I do have admin permission for a certain Azure SQL Server. So using my admin login I created a database user against a specific Azure SQL database in the following manner:-
CREATE USER myuser WITH PASSWORD = '<pwd>'
ALTER ROLE [db_datareader] ADD MEMBER [myuser]
After this I successfully logged into the database using this new credential for myuser. I discovered that while I can query data from most of the tables , there are certain tables for which I can't select any data. I can see the table name in SSMS , also no error for SELECT queries against those tables I receive , the only issue is that SELECT doesn't return any data ( 0 rows ) for those tables. If I fire SELECT using my admin credentials , I can very much see the result.
I tried to reproduce the same issue using the same commands which you have shared.
FYI, as a part of repro, I created an Azure SQL Server and then SQL database in the same server. I added three sample tables to match the scenario as you mentioned. Then I created user and grant db_datareader role with the same commands as you mentioned. It worked fine for me. I’m able to read the data of all the table in that specific database.
I suggest you consider How to Create Login, User & Assign Permissions in SQL Server and Overview of db_datareader role.
Alternatively, you can grant select permission to those tables which you are unable to read using below command:
GRANT SELECT ON <tablename> TO <user>;

System and database leveled users in Oracle Database

I'm using the Oracle Database EX 11.2.0.2.0 and I hava a quite simple database created there.
Now the issue is i would like to have multiple users with different privileges set up. I have found that topic: How to create a user in Oracle 11g and grant permissions
but I cannot find anywhere the basic thing about users accounts:
what are the difference between creating system-leveled and particular database-leveled user?
I've logged in sqlplus as SYSTEM and executed the following commands:
CREATE USER TEST IDENTIFIED BY password;
GRANT CONNECT TO TEST;
and now the problem is that my databse is actually called let's say BASE with one table called PAYMENTS and to give any privileges to a newly created user I cannot execute:
GRANT SELECT ON PAYMENTS TO TEST;
but I have to type in:
GRANT SELECT ON BASE.PAYMENTS TO TEST;
so I suppose I missed something. Is it any way of connecting the created user to a particular database? So that the newly created user will be visible as a database user in Oracle APEX?
When referencing objects in other schemas, you must provide the schema name. An other user might have a table with the same name. Currently you are logged in with the system user, which is not advisable. When creating objects in the BASE schema (another name for user in de Oracle DB), why not give the user some extra rights (like granting privileges)?
The core of your problem is that you want to grant privileges to user A on object owned by B, logged in as user C. You have to be very specific in that case to Oracle what privileges are granted to whom ;)
Users and schemas are synonymous in Oracle - basically. A schema is the collection of objects owned by a user.
To get what you want, you would need to create users lacking the privs to create anything and only have the ability to select from the objects of others.