I had one admin user with username = root (had admin privileges) and password =admin then i created new user with username =root (have no privileges) and password =root. but what happened now I have lost access to root user(admin) and i am able to access only root user which is newly created.now i am unable to do anything with this newly created root user. it show access denied for every operation. so is there any way to gain access to root(admin) user or give admin privileges to new root user or reset databases and start by new. I tried many solution but none of them worked for me.
Complete account name includes both username part and host part. See Specifying Account Names and the difference between USER() and CURRENT_USER().
Check complete names for both root accounts. Then log in by the way which makes "old" root account matched one only.
For example, if "old" is 'root'#'%' and "new" is 'root'#'localhost' or 'root'#'127.0.0.1' then disable network connections (--skip-networking=ON in the service command line) and connect using named pipes or shared memory (on Windows) or Unix socket files (on Unix). Or connect to the server remotely.
Related
I'm having an issue with mysql. I am trying to allow remote access. I found that if I write in my.cnf:
bind-address=my.ip.address
It works remotely, but using a php script that tries to access the database using the same ip doesn't work anymore!
If I remove this line, I can connect locally, but not remotely.
I tried setting it to 0.0.0.0, which has the same effect as if it were not there at all.
I saw that you can't bind to multiple addresses unfortunately. Any way to resolve?
MYSQL User accounts have 2 parts
The userid
The domain from which they can connect to this MYSQL Server instance
EG 'root'#'localhost'
So you need to create a new user account, you dont want to give access to the root id externally, and make this new userid allowed to connect from either a specific ip address (more secure) or any ip address
From the command line mysql.exe processor you woudl do this
CREATE USER 'somone'#'11.22.33.44' IDENTIFIED BY 'mypass';
for a specific ip address
Or
CREATE USER 'somone'#'%' IDENTIFIED BY 'mypass';
To allow access from any ip adddress in the universe, so better make the password a good strong one
Then you allocate privilages to one or more databases to this new account
GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP
ON database_name.*
TO 'someone'#'%';
References
CREATE USER http://dev.mysql.com/doc/refman/5.7/en/create-user.html
Grant http://dev.mysql.com/doc/refman/5.7/en/adding-users.html
I need to give a remote user access to a MySQL database. I also need to limit the permissions they have to the MySQL database tables. The current database contains approx. 50+ tables so rather than revoke permissions table by table, I'm trying to give the user access with no privileges and then add those that are needed. What I've done appears to work when:
I'm logged in as root (via SSH)
I login using "mysql -u username -p" - enter my password for the newly created user.
This users account honors all the privileges I've set up. However, when this user tried to connect via their desktop client - they can connect but can not view the database. When using "use databasename" they get this error:
Error Code: 1044. Access denied for user 'username'#'%' to database 'database_name'
Not sure if this helps but I'm using Media Temple DV w/ Plesk. I've first added the user. Then I SSH in and revoked ALL privileges. Then I added the privileges for the user and did command "flush privileges". Nothing is working. As I said, if I'm accessing via the command line (after SSHing in as root) the permissions are honored and I can access the database - just not remotely.
Any help would be greatly appreciated.
May be network that is allowed to connect is localhost, but not users network IP.
And check max connections amount.
If you're logged in as root via SSH and MySQL database is on the same machine, then i guess that if you run:
mysql -u username -p
you try to connect to MySQL as 'username'#'localhost' user.
If you want to connect to MySQL database from outside of this server, you need to:
create user like 'username'#'%' which allow to connect to MySQL using 'username' from anywhere ('%')
allow mysql server to connect from outside by setting bind-address more details here
I tried to create a user to grant access to a database hosted at amazon RDS, the user was created, but I can't access to the database that it has allowed to manage, here's the code I used:
GRANT ALL PRIVILEGES ON my_db.* TO 'admin'#'my.rds.domain' IDENTIFIED BY
'xxxyyyzzz';
FLUSH PRIVILEGES ;
I ran that from my mysql client — DataGrid– also, I verified that the user was created using:
SELECT * FROM mysql.user;
And effectively, the user is listed.
Is there any special configuration I have to make at RDS console, or what?
In the GRANT command, 'admin'#'my.rds.domain' means that admin user connecting from my.rds.domain host is granted all privileges on my_db's all objects.
If this admin user attempts to log on from hostname abc.microsoft.com, no access will be given. If the hostname is not understood by MySQL server, it uses IP to form a user#hostname (e.g. 'admin'#'88.99.11.22'). If that entry is not in mysql.users table access will be denied.
If we use 'admin'#'%', it means that admin user logging in from any system is granted the rights. So when you changed hostname to %, access was granted. For better security, if you know that the user is going to log on from a particular IP or hostname only, it would be best to do like you did ('admin'#'hostname').
When I'm logged into Linux as root (or sudo), I thought when I typed mysql that MySQL used the current username and password of the Linux user, however, when I try that, it just gives error ERROR 1045 (28000): Access denied for user 'root'#'localhost' (using password: NO). I don't want to disable requiring a password, I just want it passed from the current user if they're not specified (I've already disabled anonymous users too).
If you don't specify the username, MySQL on Linux uses the username of the calling process, but not the password belonging to that user.
The password of the caller is not available to applications on Linux, and I think this is for the best!
By default, MySQL authenticates against an internal table of users and passwords that has nothing to do with the operating system's passwd file. The fact that MySQL instances often have a user called 'root' is coincidence; the MySQL 'root' is not the same as the Linux 'root', and they can (and should) have different passwords.
If you want to avoid the requirement to type a password every time, you should save a default user/password in $HOME/.my.cnf:
[client]
user = scott
password = tiger
(I recommend against storing the superuser password in this file.)
In MySQL 5.6, they introduces a new feature to store login credentials more securely. See https://dev.mysql.com/doc/refman/5.6/en/mysql-config-editor.html
Turn on the option AllowNoPassword on file /etc/phpmyadmin/config.inc.php.
Edit the file config.inc.php, search and uncomment this line:
// $cfg['Servers'][$i]['AllowNoPassword'] = TRUE;
if it's set to false make it true and restart the Mysql Service and you are good to go
Then you can access PhpMyAdmin/MySQl Console without password.
just put an alias in your .bashrc:
alias mysql="mysql -u root -pYourPassWord"
I've just tried to create a bunch of users for a (currently local) database but I'm having issues connecting to the database and not too sure what I'm doing wrong.
The users exist after creation but I can't connect to the database with their credentials while using Workbench for connection testing.
I've created my users and then granted them permission straight after as so:
CREATE USER 'username'#'%' IDENTIFIED BY 'password';
GRANT ALL ON DATABASE.* TO 'username'#'%';
If I run SELECT * FROM mysql.user; to see the users, I can see that the users are there.
I've tried flushing privileges but it doesn't seem to make any difference.
When trying to connect to the server via Workbench as one of the users I've created I get re-prompted for my password. It then seems to either hang or tell me the password is wrong.
This is initially local for development purposes but I'll be setting this up on a server once I've got this working. Could this be down to it being ran locally?
As mentioned in the MySQL documentation for adding users, when connecting locally a user must be created #'localhost' as well as to wildcard locations:
Two of the accounts have a user name of monty and a password of
some_pass. Both accounts are superuser accounts with full privileges
to do anything. The 'monty'#'localhost' account can be used only when
connecting from the local host. The 'monty'#'%' account uses the '%'
wildcard for the host part, so it can be used to connect from any
host.
It is necessary to have both accounts for monty to be able to connect
from anywhere as monty. Without the localhost account, the
anonymous-user account for localhost that is created by
mysql_install_db would take precedence when monty connects from the
local host. As a result, monty would be treated as an anonymous user.
The reason for this is that the anonymous-user account has a more
specific Host column value than the 'monty'#'%' account and thus comes
earlier in the user table sort order. (user table sorting is discussed
in Section 6.2.4, “Access Control, Stage 1: Connection Verification”.)
With a user only being denoted with a host name of '%' to allow for connection anywhere MySQL will instead use the anonymous <anonymous>''#'localhost' account because it will attempt to match the localhost location first and then not find the related user name for localhost and so use the <anonymous> user instead.
Alternatively, the anonymous user can be deleted and this should also fix the problem rather than having to duplicate users.