|
Archives of the TeradataForumMessage Posted: Tue, 21 Nov 2006 @ 16:32:01 GMT
Many thanks for the reply but I'm not sure this is what I'm after. To clarify: Before the implementation of the Role, 8 Security User Ids (lets say Userid1, Userid2, .... Userid7, Userid8) have all-conquering access rights with Grant Option to DATABASE A, B & C. The number of rows on access rights table = 600 rows (8 UserIds * 25 (?) access right types * 3 databases) - not sure if the number of distinct access right types is spot on but still ..... To reduce the number of access rights, I might decide to set up a role SECURITY_ROLE that has all-conquering access to databases A, B, and C (1 role * 25 access right types * 3 databases = 75 rows on Role rights table). I then assign the 8 users to this new role and get rid of all their individual access rights. So far so good .. Then Business User User99 comes along and says I just want Select / Update / Insert / Delete access to Database B. In the previous setup with 600 access right rows , no problem. With the new set up involving the role though, this can't be done - the Security Ids Role cannot have Grant option and do not have any individual user id access rights. So unless you grant the SECURITYROLE to userid99, which contains all sorts of access rights that he doesn't need, it's a no go. Isn't it ?? Cheers, Alan
| ||||||||||||||||||||||||||||||||||||||||||||||||
| ||||||||||||||||||||||||||||||||||||||||||||||||
Copyright 2016 - All Rights Reserved | ||||||||||||||||||||||||||||||||||||||||||||||||
Last Modified: 15 Jun 2023 | ||||||||||||||||||||||||||||||||||||||||||||||||