I’m having a problem connecting to a MySQL server over two different trusted domains.
We’re developing an app for internal use and have been using MySQL till now. It’s a desktop app written in vb.net.
Up until now all the users were on the same domain and there were no issues. Just recently there was an higher-level decision to split users in 2 different domains for various reasons.
The problem is that users from the new domain cannot access the server. If that helps, I was told by the administrators that the users from both domains are trusted. Both machines are running Windows Server – 2003 and 2008.
The server port is open, the grants are all in there(base_class@%) but upon attempt –
access denied for user base_class@datablock2.
What is the problem?
In MySQL, permissions are granted on a per-domain basis. That is, permissions granted to a user connecting from the local domain do not exist for a user connecting from a different domain. The same user connecting from a different domain is treated as a different accessor. The reason is to provide protection against misuse. For example, I personally configure my servers to grant potentially dangerous permissions only to users connecting from the local machine. You must be logged in to the server machine physically to delete critical data! Try granting permissions to the server for each user at each domain they will be logging in from specifically. Don’t use wild cards at all. Take advantage of the additional layer of security to create a domain for administration and one for less critical tasks.