MySQL Workbench Manual  /  Administrative Tasks  /  Users and Privileges

6.2 Users and Privileges

A listing of all users and privileges that relate to the MySQL connection. You may also manage (add) user accounts, adjust privileges, and expire passwords.

Access this window from either the Navigator panel, or by selecting Server, Users and Privileges from the main menu.

The Users and Privileges page has several sections:

User Accounts

Lists each user account that is associated to the active MySQL connection.


Login information related to the selected user account.

Figure 6.6 Navigator Management: User And Privileges: Login

Navigator Management: User And Privileges: Login

Account Limits

Define limits for the user account, such as the maximum number of queries, updates, connections, and concurrent connections that an account can execute in one hour.

Figure 6.7 Navigator Management: User And Privileges: Account Limits

Navigator Management: User And Privileges: Account Limits

Administrative Roles

To aid in assigning privileges to MySQL Server users, MySQL Workbench introduces the concept of Administrative Roles. Roles are a quick way of granting a set of privileges to a user, based on the work the user must carry out on the server. It is also possible to assign multiple roles to a user. To assign roles, click the User Account you wish to modify, then click the Administrative Roles tab. Then click the check boxes according to the roles you wish to allocate to the user. After you select a role to a user, you will see the accumulated privileges in the Global Privileges Assigned to User panel. For example, if you select the role BackupAdmin, the privileges granted include EVENT, LOCK TABLES, SELECT, SHOW DATABASES. If you also select the role of ReplicationAdmin, the list of privileges expands to include REPLICATION CLIENT, REPLICATION SLAVE and SUPER.

These roles are available:

  • DBA: Grants all privileges

  • MaintenanceAdmin: Grants privileges to maintain the server

  • ProcessAdmin: Grants privileges to monitor and kill user processes

  • UserAdmin: Grants privileges to create users and reset passwords

  • SecurityAdmin: Grants privileges to manage logins and grant and revoke server privileges

  • MonitorAdmin: Grants privileges to monitor the server

  • DBManager: Grants privileges to manage databases

  • DBDesigner: Grants privileges to create and reverse engineer any database schema

  • ReplicationAdmin: Grants privileges to set up and manage replication

  • BackupAdmin: Grants privileges required to back up databases

  • Custom: Lists other (custom) privileges that are assigned to the user account

The Password Validation Plugin (available as of MySQL Server 5.6.6) is supported in Workbench. For information about what these settings mean, see The Password Validation Plugin.

Figure 6.8 Navigator Management: User And Privileges: Administrative Roles

Navigator Management: User And Privileges: Administrative Roles

Schema Privileges

Additional schema privileges that the account can use. For example, the standard mysqlbackup user has "CREATE TEMPORARY TABLES" on the mysql schema.

Figure 6.9 Navigator Management: User And Privileges: Schema Privileges

Navigator Management: User And Privileges: Schema Privileges

User Comments
Sign Up Login You must be logged in to post a comment.