Hi Kevin,
yes it is a complex matter, i agree completely. but how would you plan
this as a dba or the person involved on administrating MySql. For
instance: You would choose option 2 as the preferable one. But what
would you do if somebody would change its role or that the person would
get other privileges? he will get a new or already created role userID,
but would still be able to logon using the previous user id.
why wouldn't you choose for the 3th option or 1st option? what
disadvantages do you think would option 1 and 3 have?
Best regards,
Danny Stolle
EmoeSoft, Netherlands
Kevin Struckhoff wrote:
Danny,
Although my experience with MySQL user management is limited to just
maintaining a handful of users, I find it rather overly-complex because
of the need to maintain a table of users and 'from where' they can have
access, and to what databases they can have access to. For example, I
just installed MySQL Administrator on my laptop and then I had to add
rows allowing me to access MySQL from my laptop. The ODBC connection
setup should suffice. For every instance of MySQL, you have to have an
entry in the user table for every user from every access point. Then
multiply that by the number of databases in each instance and you can
see that administration of the users can get out of hand.
If I had to choose between the 3 methods listed below, I would choose #2
if there was a large number of roles and users. I would definitely stay
away from option #3 no matter what. HTH.
Kevin Struckhoff
Customer Analytics Mgr.
NewRoads West
Office 818.253.3819 Fax 818.834.8843
[EMAIL PROTECTED]
-----Original Message-----
From: Danny Stolle [mailto:[EMAIL PROTECTED]
Sent: Tuesday, June 14, 2005 10:08 AM
To: mysql@lists.mysql.com
Subject: [SPAM] - discuss: user management - Bayesian Filter detected
spam
hi,
i would like to discuss 'user management' in mysql. Working with Oracle
you can assign users to roles giving them privileges provided by that
role. MySql doesn't have Roles. I have read (Managing and Using MySql,
O'Reilly) 3 options on managing users having multiple roles in a MySql
environment:
1. Giving the user a Single user ID and assign the privileges to that
user ID
2. Create role-bases users and have different people share the same user
ID for a given role.
3. Create multiple user IDs for each role played by each user
(dannys_arch as an architect, dannys_dev as a developer).
Which of these 3 options is the most preferable one or are there more
options which you can use. What are the advantages and disadvantages on
working with one of these 3 options? how do you handle hostnames when
working with random ip-addresses on your site.
Or just plain simple (or stupid) what are your experiences on user
management in a MySql environment.
Best regards,
Danny Stolle
Netherlands
--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]