Subject Re: [firebird-support] Re: Delegating SYSDBA and enumerating users
---In, <cerrogrande69@...> wrote :

> Now I have a couple of questions for you:
> 1. Do you know if it is possible in gsec to log in under a custom ROLE?

  Sure, it is possible

> Further to this, is there a way of GRANTing the custom ROLE the RDB$ADMIN ROLE?


> I am guessing this isn't possible for 2 reasons; custom ROLE is in a particular DB not the Security2.fdb,
> and you can't GRANT a ROLE to a ROLE.

  Something in this direction will be available in FB4

> 2. Do you know how things work via the .NET Provider (or rather why they don't :)?
> When connecting using SYSDBA I see all users (ie via FirebirdSql.Data.Services.FbSecurity.DisplayUsers()),
> however logging in using another user (eg your ADM1) and the RDB$ADMIN ROLE, I am still only seeing the
> the single user ADM1.

  I don't use .NET by myself. But quick look at code show that FbSecurity.DisplayUsers() doesn't pass
role name into service manager (it should be done using isc_spb_sql_role_name tag). So, you could
add requiest to the tracker.