Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Windows authentication: grant privileges to Windows groups [CORE1900] #2332

Closed
firebird-automations opened this issue May 13, 2008 · 9 comments

Comments

@firebird-automations
Copy link
Collaborator

Submitted by: Bruno Marx (bmx)

Votes: 3

It would be very desirable to be able to grant a role to a Windows user group regrouping several individual domain/local users. This would simplify the administrative burden of granting/revoking privileges on a per domain/local user basis: e.g. GRANT MyRole TO GROUP "MyDomain\MyDomainGroup";

This is possible under Unix but not on Windows for now.

This would also provide a workaround under Windows for those "domain\USERname" strings exceeding the 31 characters limitation in Firebird. The workaround would consist in creating a "domain\GROUPname" < 31 characters which could regroup "domain\USERname" > 31 characters.

Thanks.

@firebird-automations
Copy link
Collaborator Author

Modified by: Bruno Marx (bmx)

Version: 2.1.0 [ 10041 ]

@firebird-automations
Copy link
Collaborator Author

Modified by: @AlexPeshkoff

assignee: Alexander Peshkov [ alexpeshkoff ]

@firebird-automations
Copy link
Collaborator Author

Commented by: @AlexPeshkoff

There are plans to provide even more flexible mapping.

The full syntax of new command is supposed to be:
ALTER {ROLE | USER} <name> {ADD | DROP} OS_NAME 'name'
This will make it possible to map any OS name - user, group or even host:)),
what else can be imagined in security plugin, to any database security name -
user, role, group (when/if we add them).

@firebird-automations
Copy link
Collaborator Author

Modified by: @AlexPeshkoff

status: Open [ 1 ] => Open [ 1 ]

Fix Version: 3.0.0 [ 10048 ]

@firebird-automations
Copy link
Collaborator Author

Modified by: @AlexPeshkoff

Fix Version: 3.0.0 [ 10048 ] =>

@firebird-automations
Copy link
Collaborator Author

Modified by: @AlexPeshkoff

status: Open [ 1 ] => Open [ 1 ]

Target: 3.0.0 [ 10048 ]

@firebird-automations
Copy link
Collaborator Author

Commented by: @AlexPeshkoff

Use CREATE MAPPING to map windows groups to appropriate DB roles.

@firebird-automations
Copy link
Collaborator Author

Modified by: @AlexPeshkoff

status: Open [ 1 ] => Resolved [ 5 ]

resolution: Duplicate [ 3 ]

Fix Version: 3.0 Beta 1 [ 10332 ]

@firebird-automations
Copy link
Collaborator Author

Modified by: @pcisar

status: Resolved [ 5 ] => Closed [ 6 ]

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants