I try to connect my db using host address as my ip address 203.199.209.**,but not able to connect db.if i try to connect my db using host address as localhost it connected successfully.
How to solve this issue?
MySQL grants access based on which host you are connecting from.
Run this command as root:
SELECT user, host FROM mysql.user;
These are the users which exist on your server. Notice the host column.
In short, a user is defined as both a user name (user) and a point of connection (host). When you access your server as localhost, you actually login as some_user#localhost. On the other hand, when you access the sever via its IP address, you actually login as some_user#your.ip.address.here. I guess the latter does not exist on your server.
You may want to create a new user such as some_user#your.ip.address.here or some_user#% (the percent sign is a wildcard; here, it means "any host"):
CREATE USER 'some_user'#'your.ip.address.here' IDENTIFIED BY 'your_password';
GRANT ALL ON your_database.* to 'some_user'#'your.ip.address.here';
If you wish to dig further, see this manual page for more details about MySQL access control, and this page for the CREATE USER syntax.
[edit]
Obviously, as suggested by others, you first need to make sure your server listens to this IP address (203.199.209.**). But if this were not already the case, you should get the following error:
ERROR 2003 (HY000): Can't connect to MySQL server on '203.199.209.**' (111)
The error you are getting definitely indicates a permission issue.
For mysql-5.7.15-winx64 (Windows Version), login as "root" user and run the following queries in MYSQL:
CREATE USER 'user'#'localhost' IDENTIFIED BY 'pass';
GRANT ALL PRIVILEGES ON *.* TO 'user'#'localhost' WITH GRANT OPTION;
CREATE USER 'user'#'%' IDENTIFIED BY 'pass';
GRANT ALL PRIVILEGES ON *.* TO 'user'#'%' WITH GRANT OPTION;
FLUSH PRIVILEGES;
and then Re-start your MYSQL DB.
For this version of MYSQL DB no changes are required in "my-default.ini" located in the same location as "bin" folder.
Related
I've made a user only for specific operations make, read, update and delete (CRUD operations) on a specific database like so:
REVOKE ALL PREVILEGES, GRANT OPTION FROM 'username'#'localhost';
GRANT SELECT, INSERT ON database_name.* TO 'username'#'localhost';
But then, I'm getting this error message trying to access the database remotely with the previous user:
ERROR 1130 (HY000): Host 'ip_address' is not allowed to connect to this MySQL server
Any idea how to grant the remote access without giving it all previleges?
When you set the hostname of a user to localhost, MySQL will not accept remote connections for the user. You need to set the host name to an ip address or ip address range. To allow connections from anywhere, execute
RENAME USER 'username'#'localhost' TO 'username'#'%';
Please also have a look at the official documentation: https://dev.mysql.com/doc/refman/8.0/en/account-names.html
So basically what is the difference of '%' and 'localhost' when you create a user and give a grant to the created user.
what will happens when you create/grant a user with 'localhost' and '%' each
CREATE USER 'user'#'localhost' IDENTIFIED BY 'password';
vs
CREATE USER 'user'#'%' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON db.* TO 'user'#'localhost';
vs
GRANT ALL PRIVILEGES ON db.* TO 'user'#'%';
it seems like if I create a user with 'localhost' it means I can only log in the user in the local server, not from remote. and in terms of the grant with 'localhost', is that mean that the user only can access to database from local server, not from remote, is that correct?
MySQL treats '%' as a wildcard matching any client who connects via TCP. So any hostname or any IP address, including 127.0.0.1
MySQL treats 'localhost' as a special case. It only matches a client who connects only via the UNIX socket. The UNIX socket is faster than TCP, but it only works locally.
If you want to create a user who can connect either from any host via TCP, or via the UNIX socket, you must actually create two users. It's up to you to give them the same passwords and grant them the same privileges. MySQL does not ensure that.
I'm in the process of setting up a MySQL server. I set up the server as localhost on port 3306. However I want to be able to access this server over the network. The server has a static IP address. How can I change it from localhost to the static IP address?
I already did this suggestion I found online, and it didn't work:
mysql> GRANT ALL ON *.* to root#'localhost' IDENTIFIED BY 'your-root-password';
mysql> FLUSH PRIVILEGES;
When I try to access it from the server or another PC, I get this error:
Failed to Connect to MySQL at XXXXXX:3306 with user root
HOST 'XXXXXXX' is not allowed to connect to this MySQL server
Thank You.
In addition to the GRANT statement you've already listed above, you also need this one to connect from somewhere other than localhost
GRANT ALL ON *.* to root#'%' IDENTIFIED BY 'your-root-password';
In MySQL land user#somehost is, in practice, a different user than user#some-other-host.
I tried to grant user for database at database.com from a domain but it failed. Only the domain's IP works. (example.com is having IP 1.1.1.1)
For example:
GRANT super ON *.* TO 'user'#'1.1.1.1' IDENTIFIED BY 'password';
The above works fine. I can access the database remotely.
GRANT super ON *.* TO 'user'#'example.com' IDENTIFIED BY 'password';
This failed!
When I try to use PHP script to connect from example.com to database.com, it says:
mysql_connect('database.com', 'user', 'password');
Warning: mysql_connect() [function.mysql-connect]: Access denied for
user 'user'#'1.1.1.1' (using password: YES)
Any idea why giving privilege to user base on domain 'user'#'example.com' doesn't work?
As per my understanding your server administrator has restricted to host name, you can check in your server config file (my.cnf) if "skip-name-resolve" is updated.
Even you should call based on IP in your application instead of name but if still you want to do it then comment "skip-name-resolve" in your config file.
I have a created user in my MySQL database:
CREATE USER 'user'#'host' IDENTIFIED BY 'password';
I have granted that user full privileges:
GRANT ALL ON *.* to 'user'#'host';
Echoing the grant:
GRANT ALL PRIVILEGES ON *.* TO 'user'#'host' IDENTIFIED BY PASSWORD '*03FFC888F82E921D8CA360925A8F443CF326DE89'
I can connect from MySQL workbench using this login credential w/o any issues and execute queries. And it's running on the same machine the web application is running on. MySQL instance is running on another computer in the same local network.
However, when I try to use the same credentials from my web application running in Tomcat7 under Eclipse I receive the error. Please advise.
Note: As of last night, the web application was able to connect just fine. With nothing changing (that I am aware of - I am only one working on this), this morning I could not connect.
RESOLVED:
I added the user with grants using the IP address for the host for the local machine.
I am not sure what changed on the server, but now I am able to connect again.
Would someone possibly be able to explain this change, and with it why I am now required to use the IP address when previously the local host name was sufficient?
Make sure you are using the appropriate hostname, and you're accessing from that host, the user can't connect from another host.
To give permission you must put the password unencrypted.
Example
GRANT ALL PRIVILEGES ON test. * TO 'root' # 'localhost'
IDENTIFIED BY 'goodsecret';
Also must be the same password when you create the user.
Here How adding users to MySQL
Note: For more information on GRANT here is the documentation.
Hope this helps