Mapping an MC User to a Database user's Privileges

Database mapping occurs when you link one or more MC user accounts to a database user account. After you map users, the MC user inherits privileges granted to the database user, up to the limitations of the user's database access level on MC.

This topic presents the same mapping information as in Granting Database Access to MC Users but with graphics. See also MC Database Privileges for an introduction to database mapping through the MC interface and details about the different database access roles you can grant to an MC user.

How to Map an MC User to a Database User

The following series of images shows you how easy it is to map an MC user to a database user account from the MC Settings > User management page.

You view the list of MC users so you can see who has what privileges. You notice that user alice has no database privileges, which would appear under the Resources column.

To give alice database privileges, click to highlight her MC username, click Edit, and the Edit existing user page displays with no resources (databases) assigned to MC user alice.

Click Add, and when the Add permissions dialog box opens, choose a database from the menu.

In the same Add permissions dialog box, after you select a database, you need to enter the user name of the database user account that you want to map alice to. To see a list of database user names, click the ellipses […] and select a name from the list. In this example, you already know that database user carol has privileges to stop and start the database, but the alice database account can only view certain tables. On MC, you want alice to have similar privileges to carol, so you map MC alice to database carol.

After you click OK, remember to assign MC user alice an MC database level. In this case, choose IT, a role that has permissions to start and stop the selected database.

Enter the database password, click OK , close the confirmation dialog box, and click Save.

That's it.

What If You Map the Wrong Permissions

In the following mapping example, if you had granted alice MC database access level of ADMIN but mapped her to a database account with only USER-type privileges, Alice's access to that database would be limited to USER privileges. This is by design. When Alice logs in to MC using her own user name and password, MC privileges for her ADMIN-assigned role are compared to the user privileges on the database itself. Only when the user has both MC privileges and corresponding database privileges will the appropriate operations be exposed in the MC interface.