RDM MySQL user permissions

So at the moment MySQL only supports MySQL login for authentication.

As far as I know you can't create "contained database users" like you can in MS SQL Server (https://docs.microsoft.com/en-us/sql/relational-databases/security/contained-database-users-making-your-database-portable?view=sql-server-2017)

That being said our MySQL datasource has fewer login options than say out SQL Server datasource that also supports, "Custom (Devolutions)" login, where instead of creating a SQL Server user for the authentication, we manage the user authentication within our own tables totally separate from SQL Server authentication.

Is this what you are looking for?

Best regards,,

FYI - Contained Database Users will be supported with the SQL Server Datasource (Azure mode only) in the next major release (v14). Should also be available in non-Azure mode, we need to fully test it first.

Yep that is exactly the info I was looking for. We are going to proceed since it looks like this is only needed durring initial user setup.. From my understanding when users connect to the data source later they would use there individual credentials and the root sql user will not need to be shared?

Exactly, you can use root to create all your users then use those users to connect. You won't need root from that point on.

You could also use root to create an admin users say (_admin) then login with this user to create the other admin & non-admin users.


Keep in mind, when creating non-admin users, we only grant access to the RDM database (no system stuff).


When creating admin users we must also grant the following:
GRANT SELECT ON `mysql`.`user` TO '_ADMIN_USER_'@'%' WITH GRANT OPTION;
&
GRANT CREATE USER ON *.* TO '_ADMIN_USER_'@'%' WITH GRANT OPTION;