Adding database users
Set up the primary login roles for users that are authenticated against the DSE database.
login
and password
. Note: To set up the DSE
database user directory feature, set a scheme in the to
internal
.Procedure
-
Create a role with login enabled and an internally stored password:
CREATE ROLE role_name WITH LOGIN = true AND PASSWORD = 'password_string';
where- role_name - The user name for authentication. Enclose the role names that include uppercase or special characters in double quotes.
LOGIN = true
- Allows the role to access the database.PASSWORD = 'default_password'
- Stored internally for database managed accounts.- (Optional)
superuser = true
- Gives full access to all database objects to the user. See Adding a superuser login.
-
To allow the role to be used for authentication when is true, bind the role to an
authentication scheme:
GRANT EXECUTE ON INTERNAL SCHEME TO role_name;
-
To allow another role to manage the new role:
GRANT AUTHORIZE FOR ALTER, DROP ON new_role_name TO management_role;
Tip: All superusers have authorize permissions on all roles. And the role that created the role is granted all permissions on the role. -
Each user can change their own password with the
command.