[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Ledgersmb 1.3.3: Super User can't login to company database

On Thu, Nov 17, 2011 at 10:59 AM, Håvard Sørli <..hidden..> wrote:
> On 17. nov. 2011 15:04, Chris Travers wrote:
>> On Thu, Nov 17, 2011 at 5:38 AM, Steven Marshall
> I try to summarize this to a faq on ledgersmb.org
> Makes a database superuser:
>>> CREATE USER ledgersmb WITH superuser password 'somepassword';
> Use this user to make the DB with setup.pl
> (You may need it for upgrades later)
> This superuser has ONLY DB superuser access and no application access.
> To solve the "100 databaes user case" is this a better (and safer)
> solution ?? :
> CREATE USER your_100_db_user_name WITH password 'somepassword';
> (normal user with no drop db rights)
> Use this user to import in every db as a common application user with as
> litte userright as possible to do the job.
> My test shows that you have to be carefull to not set a new password
> when you import your_100_db_user_name in LedgerSMB and give application
> access.

Yes, it's probably preferable to import this user from the manage
users interface.  That interface never sets a password when importing
(guessing we should change setup.pl to do the same) if that's

The db-level API allows you to set a password when importing.  This
could also be changed.

Best Wishes,
Chris Travers