GRANT REMOTE DBA statement [MobiLink] [SQL Remote]

Use this statement to grant remote DBA privileges to a user ID.

Syntax
GRANT REMOTE DBA
TO userid, ...
[IDENTIFIED BY password]
Parameters
  • IDENTIFIED BY   The IDENTIFIED BY clause is optional for this statement. If included, the password for the user is changed.

Remarks

A user ID with REMOTE DBA authority has full DBA authority only:

  • In MobiLink, when the connection is made from the SQL Anywhere synchronization client (dbmlsync) utility. The REMOTE DBA authority enables dbmlsync to have full access to the database to make any changes contained in the messages. Any other connection using the same user ID is granted no special authority. See Permissions for dbmlsync.

  • In SQL Remote, when the connection is made from the Message Agent. The REMOTE DBA authority enables the Message Agent to have full access to the database to make any changes contained in the messages. Any other connection using the same user ID is granted no special authority.

The REMOTE DBA authority avoids having to grant full DBA authority to the user ID, thereby avoiding security problems associated with distributing DBA user IDs and passwords.

For example, a SQL Remote user ID with REMOTE DBA authority has no extra permissions on any connection apart from the Message Agent. Even if the user ID and password for a REMOTE DBA user is widely distributed, there is no security problem. As long as the user ID has no permissions beyond CONNECT granted on the database, no one can use this user ID to access data in the database.

Permissions

Must have DBA authority.

Side effects

Automatic commit.

See also
Standards and compatibility
  • SQL/2003   Vendor extension.

Examples

You can grant REMOTE DBA authority to a user ID named dbremote as follows:

GRANT REMOTE DBA
TO dbremote
IDENTIFIED BY dbremote;