Users with RDB$ADMIN granted to them have the ability to creates users. They can, of course, also grant other roles to users.
But they cannot revoke roles already granted to a user by another RDB$ADMIN or SYSDBA since the RDB$GRANTOR is always a user not a role. Does anyone know a way to allow all RDB$ADMIN role users, the permissions to allow granting and revoking of roles granted by other users? Regards Alan McDonald
