3.8.1 Specification format and rules for the CREATE USER statement
The CREATE USER statement creates an HADB user.
Because no privileges are granted to the HADB user that is created, the GRANT statement must be used to grant the required privileges to the HADB user.
- Organization of this subsection
(1) Specification format
CREATE-USER-statement ::= CREATE USER authorization-identifier IDENTIFIED BY password
(2) Explanation of specification format
- authorization-identifier
-
Specifies the authorization identifier of the HADB user to be created.
The rules for specifying an authorization identifier are as follows:
-
The authorization identifier can include single-byte uppercase and lowercase letters, numbers, and the backslash (\), hash mark (#), and at mark (@) characters.
-
If you want to use lowercase letters in the authorization identifier, enclose the authorization identifier in double quotation marks (").
Example: CREATE USER "ADBuser01" ...
When not enclosed in double quotation marks, lowercase letters are treated as uppercase. For example, ADBuser01 is treated as ADBUSER01.
-
Because an authorization identifier is specified as a name, we recommend that you enclose it in double quotation marks (").
-
You cannot specify ALL, HADB, MASTER, or PUBLIC as an authorization identifier.
-
The authorization identifier cannot exceed 100 characters (100 bytes).
For details about the rules for specifying an authorization identifier, see 6.1.4 Specifying names.
-
- IDENTIFIED BY password
-
Specify a password for the HADB user that is to be created.
The rules for specifying a password are as follows:
-
The password can include single-byte uppercase and lowercase letters, numbers, backslashes (\), as well as the following characters:
@ ` ! " # $ % & ' ( ) * : + ; [ ] { } , = < > | - . ^ ~ / ? _
-
Specify the password in the form of a character string literal. Therefore, you must enclose the password in single quotation marks. The following are examples:
Example 1: Specify Password01 as the password
IDENTIFIED BY 'Password01'
Example 2: Specify Pass'01 as the password
IDENTIFIED BY 'Pass''01'
If the password itself includes a single quotation mark ('), specify two single quotation marks to represent a single quotation mark (''), as shown in the example above.
For rules on specifying a character string literal, see Table 6‒10: Description formats and assumed data types of literals.
-
The password cannot be empty. That is, the following is not permitted:
IDENTIFIED BY ''
-
The password cannot exceed 255 characters (255 bytes).
-
- Note
-
-
If you are using the JDBC driver, we recommend that you not use the following character in the password:
&
-
If you are using the ODBC driver, we recommend that you not use the following characters in the password:
[ ] { } ( ) , ; ? * = ! @
-
(3) Privileges required at execution
To execute the CREATE USER statement, the DBA privilege and the CONNECT privilege are required.
(4) Rules
A maximum of 30,000 HADB users can be created.
(5) Examples
- Example
-
Create an HADB user with the following authorization identifier and password:
-
Authorization identifier: ADBUSER01
-
Password: #HelloHADB_01
CREATE USER "ADBUSER01" IDENTIFIED BY '#HelloHADB_01'
-