New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Windows authentication: grant privileges to Windows groups [CORE1900] #2332
Comments
Modified by: Bruno Marx (bmx)Version: 2.1.0 [ 10041 ] |
Modified by: @AlexPeshkoffassignee: Alexander Peshkov [ alexpeshkoff ] |
Commented by: @AlexPeshkoff There are plans to provide even more flexible mapping. The full syntax of new command is supposed to be: |
Modified by: @AlexPeshkoffFix Version: 3.0.0 [ 10048 ] => |
Commented by: @AlexPeshkoff Use CREATE MAPPING to map windows groups to appropriate DB roles. |
Modified by: @AlexPeshkoffstatus: Open [ 1 ] => Resolved [ 5 ] resolution: Duplicate [ 3 ] Fix Version: 3.0 Beta 1 [ 10332 ] |
Modified by: @pcisarstatus: Resolved [ 5 ] => Closed [ 6 ] |
Submitted by: Bruno Marx (bmx)
Votes: 3
It would be very desirable to be able to grant a role to a Windows user group regrouping several individual domain/local users. This would simplify the administrative burden of granting/revoking privileges on a per domain/local user basis: e.g. GRANT MyRole TO GROUP "MyDomain\MyDomainGroup";
This is possible under Unix but not on Windows for now.
This would also provide a workaround under Windows for those "domain\USERname" strings exceeding the 31 characters limitation in Firebird. The workaround would consist in creating a "domain\GROUPname" < 31 characters which could regroup "domain\USERname" > 31 characters.
Thanks.
The text was updated successfully, but these errors were encountered: