| Subject | Seperation of user creation and SYSBDA role |
|---|---|
| Author | Nikolaus Kern |
| Post date | 2010-11-14T09:31:42Z |
Hello all,
The upgrade to FB 2.5 worked very easy and was done in the production
environment in a few minutes.
In order to use the new features about the CREATE/ALTER/DELETE USER I
would like to understand if following scenario can be achieved:
*) Every user can change his own password -> ok
*) A privileged user - not the SYDBA - can create, alter and delete also
other users
*) This privileged user should not be able to modify the datastructure
by alter/delete views, tables etc.
The objective is to seperate the ability to manage users (for the client
- server application) and the power to mess arround with the datastructure.
Any direction is welcome.
Thanks
Niko
The upgrade to FB 2.5 worked very easy and was done in the production
environment in a few minutes.
In order to use the new features about the CREATE/ALTER/DELETE USER I
would like to understand if following scenario can be achieved:
*) Every user can change his own password -> ok
*) A privileged user - not the SYDBA - can create, alter and delete also
other users
*) This privileged user should not be able to modify the datastructure
by alter/delete views, tables etc.
The objective is to seperate the ability to manage users (for the client
- server application) and the power to mess arround with the datastructure.
Any direction is welcome.
Thanks
Niko