On Thu, 2005-02-17 at 12:21, Ian Meyer wrote:
Michael Dykman wrote:
On Thu, 2005-02-17 at 10:41, Ian Meyer wrote:
Hello everyone,
We have a few MySQL servers (4.1.8) running on RedHat ES3. We're having problems when trying to use hostnames in the grant command.
Example: create database blah; grant all on blah.* to 'user'@'host' identified by 'xxxx'; (also have used the FQDN instead of just host)
When trying to connect, it fails with the message: 'MySQL Error Number 1045 Access denied for user 'user'@'192.168.2.103' (using password: YES'
Our DNS servers have correct forward and reverse entries for all of our machines. I read the docs about MySQL and DNS, but I still can't figure this out.
Thanks, Ian
Instead, try determining what the ips the host names resolve to (not the other way around) If you are GRANTing to [EMAIL PROTECTED] , you want to make sure that when the machine 'foo' connects, it is connecting as the same ip address the 'foo' resolves to when the server looks it up
for example, $ host foo might translate to foo.domain.com -> 20.20.20.21 [external ip] but foo is connecting as 192.168.1.21 [internal ip] and Mysql will reject the connection.
This is all internal, so that isn't an issue. See my 2nd or 3rd reply for additional `host` information for the hosts I'm trying to connect with.
your right, I had noticed the reverse lookup but didn't see the forward..
I note that the lookup finds an address for the fully qualified domain
name, not just the lowest-level..
if host resolves to host.domain.com resolves to 'someip' and you are granting to host, it might be that mysql (very wisely and safely) chooses not to attempt the resolution with additional qualifications (domain.com). Perhaps if your GRANT was to the fully qualified name MySQL could match it to the incoming address unambiguously?
Tried the FQDN like 'user'@'thishost.domain.com' and it still didn't work.
I'll do the source deal after lunch and let y'all know what the story is. Thanks so far for your help.
Ian
-- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
