The CREATE USER statement creates a new user with a given password. You must have administrator privileges to execute the statement.
BYpassword
BY password defines that the user is authenticated internally: the password is stored in the SYS_USERS table in scrambled format.
EXTERNALLY
EXTERNALLY defines that the user is authenticated by services provided by the operating system. When using external authentication, the username must match the user name of an operating system user account.
Additionally, to use external authentication, you must enable the use of solidDB® Global Security Kit (GSKit). For more details, see Enabling encryption with solidDB® Global Security Kit (GSKit).
Note When using external authentication on Windows systems, your environment might require you to provide the user name in the two-part format of domain_name\username or username@domain_name. You can specify the domain_name using the General.DefaultDomainName parameter. The solidDB® server uses the value of the General.DefaultDomainName parameter to resolve the two-part user ID as expected by the Windows operating system.
Alternatively, you can leave the General.DefaultDomainName parameter empty (default) and provide the domain name as part of the user ID of each externally authenticated user.
When specifying the domain name as part of the user name, the following formats are supported:
domain_name\username username@domain_name
When using the CREATE USER user_name EXTERNALLY statement, the user_name string with \or @ character must be given in double quotation marks.
For example:
CREATE USER "chicago_prod\solid1" IDENTIFIED EXTERNALLY CREATE USER "solid1@chicago_prod" IDENTIFIED EXTERNALLY
Examples
The following example creates a new, internally authenticated user named HOBBES with the password CALVIN.
CREATE USER HOBBES IDENTIFIED BY CALVIN;
The following example creates a new, externally authenticated user named solid1.