okay , This command is not working
create user username identified by password with admin option ;
It throws an error which says missing or invalid option
And i am logged in as system . I have tried searching Oracle docs and they have written the same command . what i am doing wrong here ?
You need to first create the user;
CREATE USER username IDENTIFIED BY password;
then separately grant privileges with ADMIN OPTION;
GRANT dba TO username WITH ADMIN OPTION;
"ADMIN OPTION" is a part of "GRANT" statement. You can't use it with "CREATE USER".
you don't need to give admin option if you are giving user DBA privilege ,DBA is the administrator
Also you can combine both statements Creation of user with Grant privilege:
create user username
identified by password
grant DBA to username;
Note:Correct me if I am wrong.☺
Related
Its a newbie question but still I am trying to grant create user permission to sysadmin role from the accountAdmin role so that I can create users in the sysadmin role.
The statement I am trying to execute is:
grant create user to role sysadmin;
Error
SQL compilation error: syntax error line 1 at position 18 unexpected 'to'.
What's the exact statement to achieve this?
I tried googling but haven't found any exact query statement in a long time, so posting it here.
Grant create user on account to role role_name ;
Please note that this statement has to be submitted as an ACCOUNTADMIN
https://docs.snowflake.com/en/sql-reference/sql/grant-privilege.html
You could also choose to use the WITH GRANT OPTION which allows the grantee to regrant the role to other users.
Grant create user on account to role role_name WITH GRANT OPTION;
I am trying to create a link between two schemas in SQL Developer and I have an error. The querie I am executing is:
CREATE DATABASE LINK dblink
CONNECT TO Matecode IDENTIFIED BY Matecode
USING 'Matecode';
Where Matecode it's the remote user, password and database Schema I want to be conected. Like this:
CREATE DATABASE LINK dblink
CONNECT TO remote_user IDENTIFIED BY password
USING 'remote_database';
But I am receiving this error
00000 - "insufficient privileges"
*Cause: An attempt was made to perform a database operation without
the necessary privileges.
*Action: Ask your database administrator or designated security
administrator to grant you the necessary privileges
The password and the user are ok.
Check you have "create database link" privilege to the schema where you are creating the Database link. if the privilege is not granted use below statement as 'sysdba' user to grant the "create database link" and then try to create the database link.
SQL:
grant CREATE DATABASE LINK to username;
I'm trying to allow a stored procedure for a user, but struggling to get it right. Hopefully I'm on the right track, thanks for the help.
GO
Alter role ReportDeveloper
Add sp_GetActiveProductInfo
GRANT EXECUTE ON ReportDeveloper TO employee_usr;
Grant permission to database role not user.
USE DB_NAME;
GRANT EXECUTE ON sp_GetActiveProductInfo TO ReportDeveloper;
GO
It rather should be like below per Documentation
USE DB_NAME;
GRANT EXECUTE ON OBJECT::sp_GetActiveProductInfo
TO employee_usr;
GO
You can do it as ;
USE databse;
GRANT EXECUTE ON sp_GetActiveProductInfo TO employee_usr;
GO
If you add this user to a Role you will Grant the permission to the Role where your user is member in :
USE databse;
GRANT EXECUTE ON sp_GetActiveProductInfo TO ReportDeveloper;
GO
I've done this before but not through scripts. I've to create a new user in SQL server (SQL Authentication) and map the user to a database and assign the roles for the user to that database using SQL scripts.
How can I do it?
Try:
CREATE USER [Username] FOR LOGIN [Domain\Username]
EXEC sp_addrolemember N'DatabaseRole', N'Username'
Obviously changing Username, and Domain\Username and the database role to being the username that you wish to grant rights to and the level of access, such as 'db_datareader'
The above solution works for me. However if the Username doesnt yet exist in that database as a USER, that username will not be fully mapped to the database role.
In this situation I first add the user:
USE databasename
CREATE USER [DOMAIN\svce_name] FOR LOGIN [DOMAIN\svce_name] WITH DEFAULT_SCHEMA=[dbo]
GO
Then I add the role:
USE databasename
EXEC sp_addrolemember N'db_ssisoperator', N'DOMAIN\svce_name'
GO
I want to execute a CREATE USER statement, but only when the user doesn't already exist.
What would be the best way of doing this?
If you're creating a user, you need to create a grant too. The grant implicitly creates a user if it doesn't exist (which is why you are encouraged to include the password when creating a grant, just in case they don't exist). see http://dev.mysql.com/doc/refman/5.1/en/grant.html
So an option is to just create the grant (with the password) and the user is implicitly created.
E.g:
GRANT ALL PRIVILEGES ON db_name.*
TO 'user'#'%' IDENTIFIED BY 'password'
WITH GRANT OPTION;
You can select from the "user" table on the default mysql database. Like this:
select *
from user
where User = 'username'
If no results are returned, create a new user.