For information on converting to InterSystems IRIS, see the
InterSystems IRIS Adoption Guide
and the InterSystems IRIS In-Place Conversion Guide,
both available on the WRC Distributions page (login required).
Execute an SQL command to update SQL Security meta-data. Updates can be made on an instance that is a member of an Enterprise Management group that manages the Distributed SQL Security service. Updates made with Enterprise Manager Distributed SQL Security API class are first applied locally and then distributed to other instances in the EM group containing the Distributed SQL Security service.
The command argument is a string containing a valid SQL security command from the following set: "CREATE USER", "DROP USER", "CREATE ROLE", "DROP ROLE", "GRANT" and "REVOKE". Any valid command syntax from this set of commands is acceptable. Other SQL commands (examples: "CREATE TABLE", "DROP VIEW", "SELECT") are not supported and will return an error status.
CREATE USER UserName IDENTIFIED BY Password
DROP USER UserName
CREATE ROLE RoleName
DROP ROLE RoleName
GRANT RoleName TO UserName
GRANT PrivilegeName TO RoleName
REVOKE RoleName FROM UserName
When invoked, the SQL command is first executed on the local instance. If it fails, an error status is returned and no further processing occurs. If it succeeds, the command, $username and namespace are transmitted to the Enterprise Manager server where it is stored and forwarded to other members of the group sharing the Distributed SQL Security service. There, the command is stored and executed by a background process and the results are saved. When the update has been received by all instances, the message is deleted on the EM server.
The CREATE/DROP USER commands are disabled for instances that are managed for Users and the CREATE/DROP ROLE commands are disabled for instances that are managed for Security.