Click here to view and discuss this page in DocCommentXchange. In the future, you will be sent there automatically.

SQL Anywhere 12.0.1 » SQL Anywhere Server - Database Administration » Database configuration » User IDs, authorities, and permissions » Groups


Special groups and users

When you create a database, the SYS, PUBLIC, and dbo groups are also automatically created. None of these groups has passwords, so it is not possible to connect to the database as SYS, PUBLIC, or dbo. However, these groups serve important functions in the database. See Users and permissions for system views.

  • SYS group   The SYS group owns the system tables and views for the database, which contain the full description of database schema, including all database objects and all user IDs.

    For more information about the system tables and views, together with a description of access to the tables, see Tables and System views.

  • PUBLIC group   The PUBLIC group has SELECT permission on the system tables. As well, the PUBLIC group is a member of the SYS group, and has read access for some of the system tables and views, so any user of the database can find out information about the database schema. If you want to restrict this access, you can REVOKE PUBLIC's membership in the SYS group.

    Any new user ID is automatically a member of the PUBLIC group and inherits any permissions specifically granted to that group by a user with DBA authority. You can also REVOKE membership in PUBLIC for users if you want.

  • DIAGNOSTICS group   The DIAGNOSTIC group owns the diagnostic tables and views. Members in this group inherit permissions to run diagnostic operations. See Performance improvements, diagnostics, and monitoring.

  • dbo group   The dbo group owns many system stored procedures and views. The dbo group is a member of the SYS group. The PUBLIC group is a member of the dbo group. The dbo group also owns tables used for UltraLite and MobiLink.

  • SA_DEBUG group   Membership in the SA_DEBUG group allows users to use the SQL Anywhere Debugger. See The SQL Anywhere debugger.

  • SYS_SPATIAL_ADMIN_ROLE group   Membership in this group allows users to create, alter, or drop spatial reference systems and spatial units of measure. See Introduction to spatial data.

  • EXTENV_MAIN and EXTENV_WORKER users   EXTENV_MAIN and EXTENV_WORKER are used for external environment support. They are for internal use only and have limited permissions. See SQL Anywhere external environment support.