At 03:25 PM 13/02/2005 +0000, you wrote:

>I'm trying to figure out how I can add a "read-only" user to the
>security.fdb using GSEC.
>
>I want to allow my users access to the database via ODBC so they can
>use other tools such as Microsoft Access, to view their information. I
>don't want them to be able to change any of the data, so I like to be
>able to somehow create a "read-only" user, i.e. with just SELECT
>privileges.
>
>I've already created a user/role in my database, but now need to get a
>user in the security database.
>
>Any one have any ideas on how I can do this?

You can't define access privileges in the security database. It is for
authenticating users for the purpose of accessing the server.

SQL privileges is the proper way to set up a particular user's rights to
see and operate on objects in specific databases. As you have apparently
discovered already, you can set up privileges for a user without that user
actually existing yet in security.fdb.

To add users, run the GSEC utility as sysdba. You can add a user from the
command-line, e.g., to add user 'pearl' with password 'g1eam1ng':

gsec -add pearl -pw g1eam1ing -user sysdba -password xxxxxxxx

or you can run the GSEC shell:
gsec -user sysdba -password xxxxxxx
GSEC> add diamond -pw g11ttery
GSEC> quit

./heLen