You can use SQL to grant different types of privileges to various database users through DCL. Usually the privileges are restricted, allowing users the ability to retrieve, update, or delete the data needed to perform their assigned jobs.

You can enable authentication only after you have created users in the _user table. If you have not created any users for an OpenEdge database, the authentication check is not performed when a user tries to connect to the database. This means no password is required (you can input any text value for the password) to connect to the OpenEdge database.
Note: If a database administrator grants PUBLIC privileges to any tables, then the tables can be accessed by any database user, even if the users does not have separate privileges.

When you create users in the database, the default database administrator (the user who creates the database) is disabled. To have a valid database administrator account, grant the database administrator privilege to at least one user.

If at least one user is created but the database administrator access rights are not given, the user can create a sysprogress user by using the OpenEdge Data Administration tool to allow database administrator access to the database.
Note: Make sure that a password is defined for sysprogress user or connection will fail.
Note: Privileges are granted even if users are not created in the database. If you add users to the _user table, grant privileges from the SQL side database administrator account to work with SQL side data. Failure to do so will result in queries returning the following error:
Access denied (Authorization failed) (7512).