You can translate the question and the replies:

How to assign specific admin role that prevent modification on databases created by others ?

Hello, I'm wondering how to assign a specif ADMIN role to users that : - allow granted users to create/modify their own databases and related objects - does not allow these users to modify existing databases created by others Currently, I'm only able to assign admin role to EXISTING databases. Thank you for your help. Regards, Julien
Roles Users
user
06-05-2021 04:17:27 -0400
code

3 Answers

Hi, In order to create/drop Virtual Databases, I would either login as an **Administrator user** or have the role **serveradmin** assigned. Also, with **Administrator** privilege over a Virtual Database in the Virtual DataPort, I was able to perform Connect, Create, Metadata, Execute and Write operations over all the elements of that database and also perform some of the administrator tasks for that Virtual Database. To apply specific restrictions over other Virtual Databases, you could refer to the section [User and Access Right in Virtual DataPort ](https://community.denodo.com/docs/html/browse/8.0/en/vdp/administration/databases_users_and_access_rights_in_virtual_dataport/user_and_access_right_in_virtual_dataport/user_and_access_right_in_virtual_dataport#user-and-access-right-in-virtual-dataport) which would be helpful to assign the required Connect, Create, Metadata, Execute and Write privileges. Hope this helps
Denodo Team
06-05-2021 08:40:28 -0400
code
Thank you for your answer but it's not enough regarding my request. Let's assume one admin user "Julien" that created 2 databases A and B. He has admin rights on these ones. A 3th database C exists but as he is not the owner, he can't access to it. By defining a role and setting "Assign privileges", I can decide which database "Julien" can access (databases A and B) and which one he can't (database C). Now, how can I automatize the way that when "Julien" creates a new database, he's automatically admin of. But, when another user creates a new database, "Julien" can't access to it. Thank you.
user
06-05-2021 09:33:35 -0400
Hi, Currently, in the Virtual DataPort, an administrator user would create, modify and delete **any** databases without any restrictions. For your scenario, I would ask an administrator user to create databases A and B and assign the Julien user( Normal user) with administrator privilege over these databases. Also I will ensure that he is not provided with any other privilege like connect, create, metadata to access database C created by another user. In order to automate the creation of virtual database, user, roles and assignment of privilege, I would follow the below steps: * Launch Scheduler Administration tool and create a vdp job. * Provide the VQL scripts in Extraction section to [Create Databases, Users, Roles and Access Privileges](https://community.denodo.com/docs/html/browse/8.0/en/vdp/vql/creating_databases_users_roles_and_access_privileges/creating_databases_users_roles_and_access_privileges#creating-databases-users-roles-and-access-privileges). * Schedule the job execution time in the trigger section. You could refer to the Knowledge base article for [Creating a Denodo Scheduler Job](https://community.denodo.com/kb/en/view/document/Creating%20a%20Denodo%20Scheduler%20Job) for more information. Hope this helps
Denodo Team
13-05-2021 06:24:11 -0400
code
You must sign in to add an answer. If you do not have an account, you can register here