Granting dba and resource authority – Sybase 12.4.2 User Manual

Managing individual user IDs and permissions

358

GRANT CONNECT TO

userid IDENTIFIED BY password

The same command can also be used to add a new user. For this reason, if you
inadvertently enter the user ID of an existing user when you mean to add a new
user, you are actually changing the password of the existing user. You do not
receive a warning because this behavior is considered normal. This behavior
differs from pre-Version 12 Adaptive Server IQ.

To avoid this situation, use the system procedures

sp_addlogin

and

sp_adduser

to add users. These procedures give you an error if you try to add an existing
user ID, as in Adaptive Server Enterprise and pre-Version 12 Adaptive Server
IQ.

Changing the DBA
password

The default password for the DBA user ID for all databases is SQL. You should
change this password to prevent unauthorized access to your database. The
following command changes the password for user ID DBA to new_password:

GRANT CONNECT TO DBA

IDENTIFIED BY new_password

If you are using DBISQL, it is a good idea to put your permission grants into a
command file for reference and so that it can be modified and run again if it is
necessary to recreate the permissions.

Granting DBA and resource authority

DBA and RESOURCE authority are granted in exactly the same manner as
each other.

❖

To grant resource permissions to a user ID:

1

Connect to the database as a user with DBA authority.

2

Type and execute the SQL statement:

GRANT RESOURCE TO

userid

For DBA authority, the appropriate SQL statement is:

GRANT DBA TO

userid

Notes

•

Only the DBA can grant DBA or RESOURCE authority to database users.

•

DBA authority is very powerful, granting the ability to carry out any
action on the database and access to all the information in the database. It
is generally inadvisable to grant DBA authority to more than a very few
people.