24.5.1 Adding, modifying, or deleting a user or role

Organization of this subsection
(1) Deleting a user or role
(2) Execute the pdgrprfl command
(3) A user is deleted accidentally
(4) Check to see if user information is registered in Directory Server

(1) Deleting a user or role

When you delete a user who is already registered in the Directory Server, you must also delete the privileges granted to that user. When you delete a role, you must also delete the access privileges for tables that were granted to that role.

(2) Execute the pdgrprfl command

To add, modify, or delete a user or role already registered in the Directory Server, execute the pdgrprfl command. Then, execute the pdgrprfl command to refresh the user and role information stored in HiRDB LDAP Option and HiRDB.

If the pdgrprfl command is not executed after adding, modifying, or deleting a user or role, this user information will not match the user information stored in the Directory Server. If the pdgrprfl command cannot always be executed immediately after updating Directory Server information, you should set the command to execute at a regular interval (such as once every few hours or once a day).

Update the user or role information that is stored in HiRDB LDAP Option, or HiRDB when you start HiRDB (this is the same as executing the pdgrprfl command).

(3) A user is deleted accidentally

If a user is deleted accidentally, the privilege information granted to that user remains in HiRDB. Register that user in the Directory Server again and the user will have access to all privileges previously granted.

(4) Check to see if user information is registered in Directory Server

Execute the pdusrchk command to check for user information in the Directory Server.