CREATE USERNameCREATE USER -- define a new database user account SynopsisCREATE USER name [ [ WITH ] option [ ... ] ]
where option can be:
SYSID uid
| [ ENCRYPTED | UNENCRYPTED ] PASSWORD 'password'
| CREATEDB | NOCREATEDB
| CREATEUSER | NOCREATEUSER
| IN GROUP groupname [, ...]
| VALID UNTIL 'abstime'
CREATE USER name IDENTIFIED BY password; Description CREATE USER adds a new user to an
EnterpriseDB database cluster. Refer to
Chapter 31 and Chapter 33 for information about managing
users and authentication. You must be a database superuser to use
this command.
Redwood compatible syntax for creating users is also available by using
the IDENTIFIED BY clause. The IDENTIFIED BY clause will create a user
schema with the name of which the user will be the owner.
Parameters- name
The name of the user.
- uid
The SYSID clause can be used to choose the
EnterpriseDB user ID of the user that
is being created. This is normally not necessary, but may
be useful if you need to recreate the owner of an orphaned
object.
If this is not specified, the highest assigned user ID plus one
(with a minimum of 100) will be used as default.
- password
Sets the user's password. If you do not plan to use password
authentication you can omit this option, but then the user
won't be able to connect if you decide to switch to password
authentication. The password can be set or changed later,
using ALTER USER.
- ENCRYPTED
UNENCRYPTED These key words control whether the password is stored
encrypted in the system catalogs. (If neither is specified,
the default behavior is determined by the configuration
parameter password_encryption.) If the
presented password string is already in MD5-encrypted format,
then it is stored encrypted as-is, regardless of whether
ENCRYPTED or UNENCRYPTED is specified
(since the system cannot decrypt the specified encrypted
password string). This allows reloading of encrypted
passwords during dump/restore.
Note that older clients may lack support for the MD5
authentication mechanism that is needed to work with passwords
that are stored encrypted.
- CREATEDB
NOCREATEDB These clauses define a user's ability to create databases. If
CREATEDB is specified, the user being
defined will be allowed to create his own databases. Using
NOCREATEDB will deny a user the ability to
create databases. If this clause is omitted,
NOCREATEDB is used by default.
- CREATEUSER
NOCREATEUSER These clauses determine whether a user will be permitted to
create new users himself. This option will also make the user
a superuser who can override all access restrictions.
Omitting this clause will set the user's value of this
attribute to be NOCREATEUSER.
- groupname
A name of a group into which to insert the user as a new member.
Multiple group names may be listed.
- abstime
The VALID UNTIL clause sets an absolute
time after which the user's password is no longer valid. If
this clause is omitted the login will be valid for all time.
Notes Use ALTER USER to
change the attributes of a user, and DROP USER to remove a user.
Note that the maximum length limit for user ID and password is 63 characters.
Examples Create a user with no password:
CREATE USER jonathan;
Create a user with a password:
CREATE USER davide WITH PASSWORD 'jw8s0F4';
Create a user with a password that is valid until the end of 2004.
After one second has ticked in 2005, the password is no longer
valid.
CREATE USER miriam WITH PASSWORD 'jw8s0F4' VALID UNTIL '2005-01-01';
Create an account where the user can create databases:
CREATE USER manuel WITH PASSWORD 'jw8s0F4' CREATEDB;
Compatibility The CREATE USER statement is an
EnterpriseDB extension. The SQL standard
leaves the definition of users to the implementation.
|