Subject | Re: [IBO] How to create/edit a Interbase user with IBO? |
---|---|
Author | G. Allen Casteran |
Post date | 2001-12-04T09:31:28Z |
At 12:46 PM 12/3/2001 -0700, you wrote:
> > Hi, how can I create / edit a user of Interbase with IBO? I want to
> > programmatically create users and change their passwords inside my
> > program.
>
>I use a service application running on the same machine as the database
>server which will watch a table on the application database and carry out
>the operations. I think I provided that as a sample application to go along
>with the new NT Service app stuff. Let me double check and make sure where
>that might be.
>
>There is no other way of doing this without making your SYSDBA password
>available in some way shape or form outside of the server itself.
>
>Jason Wharton
Jason,
Does this mean that stored procs run with the permissions of the user
calling them, instead of the user creating the procs?
I have not gotten to the point of testing this yet, but on our Sybase apps
we create stored procs with the DBA as the creator and then grant
permission to the "manager" users to be able to run the proc. Since Sybase
runs procs with the permissions of their creator we can give DBA powers to
lower users without giving them the DBA login.
The proc looks like this
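-- Created by DBA, so the dynamic statements below run with DBA's permissions.
create procedure "DBA".NewMedUser(in UserName char(128),in PassWord char(128))
begin
-- UserName and PassWord are concatenated into the statement text as given.
execute immediate 'grant connect to '||UserName||' IDENTIFIED BY '||PassWord;
execute immediate 'REVOKE MEMBERSHIP IN GROUP PUBLIC FROM '||UserName;
execute immediate 'GRANT MEMBERSHIP IN GROUP G_USERSYS TO '||UserName;
end;
-- Let ADMIN run the procedure without holding the DBA login.
GRANT EXECUTE ON "DBA"."NewMedUser" TO "ADMIN";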
Just a thought.
Allen.
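Added example, not part of the original post: the procedure above builds its GRANT and REVOKE statements by concatenating UserName and PassWord, and per the post they run with the creator's (DBA) permissions, so both values need an allow-list check before they reach the statement text. A Python sketch of that check; the function names, character rules and reserved-name list are assumptions.

```python
import re

# Assumed policy, not from the post: both values must be plain identifiers.
# DDL such as GRANT cannot take bind parameters, so an allow-list check is
# the only barrier between the caller's text and the executed statement.
USER_RE = re.compile(r"[A-Za-z][A-Za-z0-9_]{0,127}")   # fits char(128)
PASSWORD_RE = re.compile(r"[A-Za-z0-9_]{8,128}")       # fits char(128)

# Constructed deny-list: accounts and groups a delegated caller must not touch.
RESERVED = {"DBA", "PUBLIC", "SYS", "G_USERSYS"}


def new_med_user_statements(user_name: str, password: str) -> list[str]:
    """Return the three statements NewMedUser would run, or raise ValueError."""
    # fullmatch() rejects trailing newlines and any character outside the set.
    if not USER_RE.fullmatch(user_name):
        raise ValueError("user name must be a plain identifier")
    if user_name.upper() in RESERVED:
        raise ValueError("user name collides with a reserved account or group")
    if not PASSWORD_RE.fullmatch(password):
        raise ValueError("password contains characters outside the allow-list")
    return [
        f"GRANT CONNECT TO {user_name} IDENTIFIED BY {password}",
        f"REVOKE MEMBERSHIP IN GROUP PUBLIC FROM {user_name}",
        f"GRANT MEMBERSHIP IN GROUP G_USERSYS TO {user_name}",
    ]


def is_accepted(user_name: str, password: str) -> bool:
    """True when both values pass the checks and statements would be built."""
    try:
        new_med_user_statements(user_name, password)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed sample input.
    for stmt in new_med_user_statements("jsmith", "Winter_2001x"):
        print(stmt)
```

The same checks can live inside the stored procedure itself, which is the better place for them because the procedure is the privilege boundary.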