I know in the past that the grantor must be the one who revokes that role.
But now we have RDB$ADMIN a user with role RDB$ADMIN can create, edit and
delete users and grant a role to another user.
I would have thought SYSDBA or indeed any other RDB$ADMIN user could revoke
any role.
Firebird
Hi Alan,
I know in the past that the grantor must be the one who revokes that role.
But now we have RDB$ADMIN a user with role RDB$ADMIN can create, edit and
delete users and grant a role to another user.
I would have thought SYSDBA or indeed any other RDB$ADMIN user could revoke
any role.
Hi Alan,
I know in the past that the grantor must be the one who revokes that
role.
But now we have RDB$ADMIN a user with role RDB$ADMIN can create,
edit
and delete users and grant a role to another user.
I would have thought SYSDBA or indeed any other RDB$ADMIN user could
revoke
Alan McDonald wrote:
unsuccessful metadata update SYSDBA is not grantor of Role on MANAGER
to 0S0ASDFASDF.
You have to use GRANTED BY here:
revoke manager from 0S0ASDFASDF granted by rdb$admin
So we're saying SYSDBA has to first make system table enquiries to find out
who