ALTER USER

Purpose

Use this statement to alter the user's authentication details.

Prerequisites

  • If password authentication is set, then a user can always change its own password.
  • To set a new password for other users or define the Kerberos/LDAP/OpenID authentication you need to have the system privilege ALTER USER.

Syntax

alter_user::=

Alter User

Alter User

Usage Notes

  • If you have the system privilege ALTER USER, then REPLACE clause is optional and the old password is not verified.
  • For security reasons, the old password must also be specified if a user wishes to change their own password (unless the user has the system privilege ALTER USER).
  • Passwords are treated as SQL identifiers and are governed by the same rules regarding allowed characters, case sensitivity, etc. For more information, refer to the SQL Identifier section.
  • For details about the expected string values for the PASSWORD_EXPIRY_POLICY parameter, refer to Password Expiry Policy.
  • For the administration of the SaaS platform, Exasol creates special users on the database which are used for administration and monitoring purposes. These users have the prefix EXA_ and are required for proper usage of the database. The following users are Exasol users:
    • EXA_SAAS_ADMIN_USER
    • EXA_EXTERNAL_USAGE_USER
    • EXA_MONITORING_USER

Do not modify the above users in any way. Modifying or deleting them will impact platform functionality.

Examples

ALTER USER user_1 IDENTIFIED BY "h22_xhz" REPLACE "h12_xhz";
-- ALTER USER privilege necessary for next commands
ALTER USER user_1 IDENTIFIED BY "h12_xhz";
ALTER USER user_2 IDENTIFIED AT LDAP
AS 'cn=user_2,dc=authorization,dc=exasol,dc=com';
ALTER USER oidctestuser IDENTIFIED BY OPENID SUBJECT 'database-user@exasol.example';