I am working on a project for a client, and instead of using my usual 'root' SQL password, I needed to create a new User/Password with specific access rights. I looke up how to do this and found that I should use the following:
CREATE USER 'AppSrv'#'%' IDENTIFIED BY 'some_pass';
GRANT ALL PRIVILEGES ON some_db.* TO 'AppSrv'#'%' WITH GRANT OPTION;
When I run select * from mysql.user; I can see that the user has been added to the table, however when using PDO or PHPMyAdmin I get an error stating: Access denied for user 'AppSrv'#'localhost'
I have created users in the past without a problem, and am not sure why it is now not working. I have attempted rebooting the SQL server as well with no avail.
Running:
Linux version 3.2.0-24-virtual (buildd#crested) (gcc version 4.6.3 (Ubuntu/Linaro 4.6.3-1ubuntu5) )
MySQL v5.5.28-0ubuntu0.12.04.3 - (Ubuntu)
What could be a possible fix to create new users for my SQL Server?
EDIT
I have also tried using PHPMyAdmin to create the user, and even that fails when trying to login.
Create the account with #'localhost':
CREATE USER 'AppSrv'#'localhost' IDENTIFIED BY 'some_pass';
GRANT ALL PRIVILEGES ON some_db.* TO 'AppSrv'#'localhost' WITH GRANT OPTION;
Otherwise the anonymous-user account for localhost that is created by mysql_install_db would take precedence - see mysql doc adding users or access denied
Related
I switch to MySQL 8 recently; earlier I was using MySQL 5.7 in GCP. I know questions like this have already been asked, but I didn't have any luck. My question is, I want to create a new user just say 'user1' and grant all privileges to a user account on all databases.
The query I am using for user creation:
CREATE USER 'user-1'#'%' IDENTIFIED BY 'user_password';
For privileges:
GRANT ALL PRIVILEGES ON *.* TO 'user-1'#'%';
This privileges query used to work on MySQL 5.7, but when I try to run this query in MySQL 8, I get this error (I logged in as root user and MySQL is in GCP):
SQL Error (1045): Access denied for user 'root'#'%' (using password: YES)
I also tried to run this query one after another like this:
CREATE USER 'user-1'#'%' IDENTIFIED BY 'user_password';
GRANT ALL PRIVILEGES ON *.* TO 'user-1'#'%';
But still I get the same error. I came to know that in MySQL 8 localhost root user have all the privileges, but my server is in Google Cloud, so how can I grant all the privileges to the user I created?
When I run this query in the mysql-8 (I am using HeidiSQL to connect the DB and run query)
SELECT * FROM mysql.user;
I got this output:
In this there are two root users:
For one host is localhost/127.0.0.1 (With all the privilege).
For other host is % (Not have any privilege).
I think I logged in as a user with host-% because my server is in GCP, that's why I cannot give any privilege to the user that I have created. So is there any way to give full permission to the
root#%
so that I can give full permission to the other users, Because I don't think there is any way to log in as a root#localhost
The problem here is that you are trying to create a super user, which is not something supported in cloud SQL, as you can see in this documentation:
Cloud SQL does not support SUPER privileges, which means that GRANT ALL PRIVILEGES statements will not work. As an alternative, you can use GRANT ALL ON %.*.
This alternative mentioned could be enough to grant the permissions you expected.
I had no problems making a test MySQL server and applying permissions a week ago with their MySQL 5.7, but trying out the new 8.0 version, I can't seem to alter permissions as easily, if at all. I'm logged in as root remotely, but a local cloud shell instance does the same.
I'm trying to create a new user that only has access to one database, but I can't seem to get past the part where I revoke all default permissions first.
My method:
CREATE USER 'test_user'#'%' IDENTIFIED BY '{password}';
Gives no error. (I've also tried creating a user through GCP's admin panel)
SHOW GRANTS FOR 'test_user'#'%'; returns GRANT USAGE ON *.* TO `test_user`#`%` (I assume this means the new user has full permissions?)
Then, trying to remove all privileges to start fresh with the user,
REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'test_user'#'%';
shows:
Error: UNKNOWN_CODE_PLEASE_REPORT: Access denied for AuthId `root`#`%` to database 'mysql'.
I'm pretty new to Mysql, so I'm unsure if this is my fault or just a bug. Thank you!
First, I would like to point out that GRANT USAGE ON *.* TO test_user#% means the inverse, it means that the user has no privileges ! ( more info: Mysql Reference )
Secondly, I think that's what causing the error is the ALL PRIVILEGES keyword, it may have been removed in v8.0, so just go straight after user creation and grant him the privileges that you want on a table/database.
yesterday I deployed a MySQL database image from the Azure marketplace. It is this one issued by Microsoft. I can connect with the user I specified in the Azure portal and was able to create an additional user for testing purposes and grant it all privileges on two different databases. However, if try to do the same today I get the infamous Error Code: 1044. Access denied for user 'admin'#'%' to database 'mysql'. I have read that some MySQL versions on Azure do not support user privilege handling, but I was already able to do it with this image version. I even verified that the created user had access to the specified databases and inserting/selecting data from it was also working. I have tried setting up a fresh database with a new testuser to no avail, as i received the same error. This is basically what I did:
CREATE USER 'user'#'%' IDENTIFIED BY 'pw';
GRANT INSERT ON db.* TO 'user'#'%' IDENTIFIED BY 'pw';
FLUSH PRIVILEGES;
After the user was created I also checked with SHOW GRANTS FOR 'user'#'%' for the given permissions and they were there. The admin user specified in the Azure portal also has grant_priv privileges. Can someone please help me to understand why all of a sudden it is not possible for me to grant even simple privileges to newly created users? It should be possible as this Blogpost from an Microsoft employee suggests. Clearly I am missing something as such a basic feature should be included.
I'm trying to give admin rights to MySQL user using this SQL statement ran on cpanel>phpmyadmin>SQL
GRANT ALL PRIVILEGES ON somedb.* TO 'someusr'#'localhost' IDENTIFIED BY 'password' WITH GRANT OPTION;
but it's giving user denied error:
#1044 - Access denied for user 'someusr'#'localhost' to database 'somedb'
We are trying to Integrate our website "www.somewebsite.com" MySQL database with Peachtree accounting software using Dell Boomi AtomSphere.
As per Dell Boomi forums. They replied in the link.
https://community.boomi.com/message/8983
There is no global privileges option on the phpMyAdmin page. There is only data and structure privileges in Cpanel>MySQL Database but no Administration privileges as shown in this video # 8:27 sec;
https://youtu.be/64nYbTkcRZ4?t=507
I tried using SHOW GRANTS FOR 'someusr'#'localhost';
It's showing:
Grants for someusr#localhost
GRANT USAGE ON . TO 'someusr'#'localhost'
IS GRANTABLE = NO
What should I do?
Actually there are two steps to solve this problem if you are using Cpanel.
First step is to go to Remote MySQL and add your IP address of your network.You can check your IP by going to whatismyipaddress.com or add % percent sign so that anyone can access it but this is not recommended because of security issues.
Secondly go to the MySQL Database and grant all user privileges like select, update, delete etc. Now you cannot get any user denied error using dell boomi.
This should work (assuming the database is already there):
CREATE USER 'someusr'#'localhost' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON somedb.* TO 'someusr'#'localhost';
FLUSH PRIVILEGES;
A bit late to the party ( again) but here is another simple solution that wworked for me in the same case :
Open the *.sql file in a text editor and change all instances of old_db_name' tonew_cpanel_db_name'. and try to import again.
Most likely there will be only few occurences at the top of the file, something like :
`
--
-- Database: `old_db_name`
--
CREATE DATABASE IF NOT EXISTS `old_db_name` DEFAULT CHARACTER SET latin1 COLLATE latin1_swedish_ci;
USE `old_db_name`;
`
worked for me severaal times..
I try to connect my db using host address as my ip address 203.199.209.**,but not able to connect db.if i try to connect my db using host address as localhost it connected successfully.
How to solve this issue?
MySQL grants access based on which host you are connecting from.
Run this command as root:
SELECT user, host FROM mysql.user;
These are the users which exist on your server. Notice the host column.
In short, a user is defined as both a user name (user) and a point of connection (host). When you access your server as localhost, you actually login as some_user#localhost. On the other hand, when you access the sever via its IP address, you actually login as some_user#your.ip.address.here. I guess the latter does not exist on your server.
You may want to create a new user such as some_user#your.ip.address.here or some_user#% (the percent sign is a wildcard; here, it means "any host"):
CREATE USER 'some_user'#'your.ip.address.here' IDENTIFIED BY 'your_password';
GRANT ALL ON your_database.* to 'some_user'#'your.ip.address.here';
If you wish to dig further, see this manual page for more details about MySQL access control, and this page for the CREATE USER syntax.
[edit]
Obviously, as suggested by others, you first need to make sure your server listens to this IP address (203.199.209.**). But if this were not already the case, you should get the following error:
ERROR 2003 (HY000): Can't connect to MySQL server on '203.199.209.**' (111)
The error you are getting definitely indicates a permission issue.
For mysql-5.7.15-winx64 (Windows Version), login as "root" user and run the following queries in MYSQL:
CREATE USER 'user'#'localhost' IDENTIFIED BY 'pass';
GRANT ALL PRIVILEGES ON *.* TO 'user'#'localhost' WITH GRANT OPTION;
CREATE USER 'user'#'%' IDENTIFIED BY 'pass';
GRANT ALL PRIVILEGES ON *.* TO 'user'#'%' WITH GRANT OPTION;
FLUSH PRIVILEGES;
and then Re-start your MYSQL DB.
For this version of MYSQL DB no changes are required in "my-default.ini" located in the same location as "bin" folder.