CODEWITHSUNDEEP
firebirdfirebird-3.0
Hkachhia
Hkachhia

Reputation: 4539

How to create user for Firebird database

Downloaded Firebird database Firebird-3.0.3.32900-0_x64_pdb.zip. Extract folder install_service.bat and able to access EMPLOYEE.FDB database. Also able to access EMPLOYEE.FDB database without install_service. For creating new user for EMPLOYEE.FDB, I have open EMPLOYEE.FDB database in isql using SYSDBA USER. Used below query for create new user: 

create user DEMO password 'demo' GRANT ADMIN ROLE;

After that I am also able to open EMPLOYEE.FDB database using DEMO USER in isql.

I am using third party tool for GUI : https://fishcodelib.com/Database.htm

Using above tool I am not able to access EMPLOYEE.FDB database. Getting below error :

ErrorCode: 335544472 Number: 335544472, Class: 0, Line: 0 ErrorMessage: Your user name and password are not defined. Ask your database administrator to set up a Firebird login.

Firebird configuration parameters are not set properly. Please enable the following parameters in firebird.conf: (For default SRP) WireCrypt = Enabled (For Legacy Auth) WireCrypt = Enabled AuthServer = Legacy_Auth, Srp, Win_Sspi

Set User and Password: Options -> (Global) Additional connection string parameters -> Firebird

I have already applied above configuration in firebird.conf file. Still getting the same exception. So,my question is that, is it correct way to create user for any database ? Means I want to create new database with new user for my c# application.

Example :

Database : Mydb.fdb; Users : SYSDBA (default user), demo

I want to perform all SQL operation using demo user in my C# application. So, Can you please help me how to create multiple users for specific database with different rights and grants.

I have go through :

https://firebirdsql.org/file/documentation/release_notes/html/en/3_0/rnfb30-compat-initsec.html

https://firebirdsql.org/refdocs/langrefupd25-security-rdbadmin.html

Firebird database SYSDBA connection error

But not understand how to do this.

Edit : Firebird.conf file configuration:

AuthServer = Legacy_Auth,srp,Win_Sspi

WireCrypt = Enabled 

AuthClient = Srp, Win_Sspi, Legacy_Auth

Upvotes: 5

Views: 13199

Answers (1)

Mark Rotteveel
Mark Rotteveel

Reputation: 109264

It looks like you created a Legacy_Auth user, or at least I can reproduce the behaviour you observe when I use a Legacy_Auth user.

The problem is that the Firebird ado.net provider 5.0 and higher, when connecting to Firebird 3 or higher, only supports the Srp (and Win_Sspi) authentication protocol. The Legacy_Auth protocol is not supported when connecting to Firebird 3.

You will need to create a Srp user. To that end, you need to edit firebird.conf, and change (or set) the UserManager setting to:

UserManager = Srp

Or if you also need to create legacy user accounts:

UserManager = Srp, Legacy_UserManager

The first entry is the 'default' user manager. In some cases (eg when using old tools expecting to create legacy users) you may need to reverse the order.

Then create the user using:

create user DEMO password 'demo' GRANT ADMIN ROLE using plugin Srp;

If you leave using plugin Srp off, Firebird will use the default user manager (the first in the list), in your initial setup this was apparently set to Legacy_UserManager.

If you have no tools that require the use of legacy authentication users, I strongly advise to replace all those users with Srp users. This should be as simple as creating new users with the same name using the Srp plugin. Then remove Legacy_Auth from the AuthServer setting in firebird.conf. Consider dropping the legacy auth users with drop user <name> using plugin Legacy_UserManager, to be able to do this, the Legacy_UserManager must be in the UserManager list.

Upvotes: 3

Related Questions