[midPoint] Midpoint management RDBMS users - Scripted SQL

Vitor Alves | Gerencianet vitor.alves at gerencianet.com.br
Fri Jul 23 16:09:23 CEST 2021


Hi,

I need to manage the permissions of my RDBMS users (in this case MySQL). During my research I found the "MySQL Users" connector, but it is discontinued and we don't want to work with connectors that are no longer under active development. Then I realized that one solution would be the "Scripted SQL" connector, because with Groovy scripts I could make these changes. During my research I found some examples for creating the resource, but very few, and they were also a little outdated. I would like to know whether I'm on the right path, whether this would be the ideal connector, or whether I won't be able to do this type of identity management in midPoint. Below are some examples of the commands:

# Show users
SELECT host,user,password_expired,password_last_changed,account_locked FROM mysql.user;
# Lock user
ALTER USER 'name' ACCOUNT LOCK;
FLUSH PRIVILEGES;
# Unlock user
ALTER USER 'name' ACCOUNT UNLOCK;
FLUSH PRIVILEGES;
# Change password
ALTER USER 'name' IDENTIFIED BY 'password';
# Create user
CREATE USER 'name'@'%' IDENTIFIED BY 'password';
FLUSH PRIVILEGES;

# Grant permissions
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, PROCESS, REFERENCES, INDEX, ALTER, SHOW DATABASES, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER ON *.* TO 'name'@'192.168.%' WITH GRANT OPTION;


Has anyone ever come across a similar case? Thank you in advance for the community's help.

-----
Vitor Alves
Cloud Analyst
vitor.alves at gerencianet.com.br
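
Added example, not part of the original message and not midPoint or connector code: a Groovy helper that builds the lock, password and grant statements listed above from validated inputs, which a Scripted SQL script has to do before executing them because account names and privileges cannot be bound as ordinary query parameters. The class and method names, the privilege allow-list and the sample values are assumptions; it also assumes the server's sql_mode does not include NO_BACKSLASH_ESCAPES.

```groovy
// Added example; class and method names are hypothetical, not connector API.
class MySqlAccountSql {
    // Constructed allow-list: privileges this resource may hand out.
    static final Set<String> ALLOWED_PRIVS =
        ['SELECT', 'INSERT', 'UPDATE', 'DELETE', 'EXECUTE', 'SHOW VIEW'] as Set

    // Validate one account part, then emit it as a quoted string literal.
    static String part(String value, String pattern, String what) {
        if (value == null || !(value ==~ pattern)) {
            throw new IllegalArgumentException('invalid ' + what)
        }
        return "'" + value + "'"
    }
    // 'user'@'host'; the host may carry the % wildcard, as in '192.168.%'.
    static String account(String user, String host) {
        return part(user, '[A-Za-z0-9_.-]{1,32}', 'user') + '@' +
               part(host, '[A-Za-z0-9_.:%-]{1,255}', 'host')
    }
    // Assumption: sql_mode does not include NO_BACKSLASH_ESCAPES.
    static String literal(String value) {
        return "'" + value.replace('\\', '\\\\').replace("'", "''") + "'"
    }
    static String setLocked(String user, String host, boolean locked) {
        return 'ALTER USER ' + account(user, host) + ' ACCOUNT ' + (locked ? 'LOCK' : 'UNLOCK')
    }
    // Never log the returned statement: it contains the clear-text password.
    static String setPassword(String user, String host, String password) {
        return 'ALTER USER ' + account(user, host) + ' IDENTIFIED BY ' + literal(password)
    }
    // Schema names are limited to letters and digits here because MySQL can
    // treat _ and % as wildcards in database-level grants.
    static String grant(Collection<String> privs, String schema, String user, String host) {
        def wanted = privs.collect { it.trim().toUpperCase() }
        def rejected = wanted.findAll { !(it in ALLOWED_PRIVS) }
        if (!wanted || rejected) {
            throw new IllegalArgumentException('privileges not allowed: ' + rejected)
        }
        if (!(schema ==~ '[A-Za-z0-9]{1,64}')) {
            throw new IllegalArgumentException('invalid schema')
        }
        return 'GRANT ' + wanted.join(', ') + ' ON `' + schema + '`.* TO ' + account(user, host)
    }
}

// Constructed sample values.
println MySqlAccountSql.setLocked('name', '%', true)
println MySqlAccountSql.grant(['select', 'insert'], 'appdb', 'name', '192.168.%')
try {
    MySqlAccountSql.setLocked("bad'name", '%', true)
} catch (IllegalArgumentException e) {
    println 'rejected: ' + e.message
}
```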


