ALTER USER

Purpose

Use this statement to alter the user's authentication details.

Prerequisites

  • If password authentication is set, then a user can always change its own password.
  • To set a new password for other users or define the Kerberos/LDAP/OpenID authentication you need to have the system privilege ALTER USER.

Syntax

alter_user::=

Alter User

Alter User

Usage Notes

  • If you have the system privilege ALTER USER the REPLACE clause is optional and the old password is not verified.
  • For security reasons, the old password must also be specified if a user wishes to change their own password (unless the user has the system privilege ALTER USER).
  • Passwords are treated as SQL identifiers and are governed by the same rules regarding allowed characters, case sensitivity, etc. For more information, see SQL identifier.
  • For details about the expected string values for the PASSWORD_EXPIRY_POLICY parameter, see Password expiry policy.
  • For information on Kerberos/LDAP/OpenID authentication and the rules for password creation, see CREATE USER.

Examples

ALTER USER user_1 IDENTIFIED BY "h22_xhz" REPLACE "h12_xhz";
-- ALTER USER privilege necessary for next commands
ALTER USER user_1 IDENTIFIED BY "h12_xhz";
ALTER USER user_2 IDENTIFIED AT LDAP
AS 'cn=user_2,dc=authorization,dc=exasol,dc=com';
ALTER USER oidctestuser IDENTIFIED BY OPENID SUBJECT 'database-user@exasol.example';