Skip navigation links
12.4.1.2 GRANT Syntax »
Section Navigation      [Toggle]

12.4.1.1. DROP USER Syntax

DROP USER user [, user] ...

The DROP USER statement removes one or more MySQL accounts. To use it, you must have the DELETE privilege for the mysql database. Each account is named using the same format as for the GRANT statement; for example, 'jeffrey'@'localhost'. If you specify only the user name part of the account name, a host name part of '%' is used. For additional information about specifying account names, see Section 12.4.1.2, “GRANT Syntax”.

DROP USER was added in MySQL 4.1.1. In MySQL 4.1, it serves only to remove account rows from the user table for accounts that have no privileges. To remove a MySQL account completely (including all of its privileges), you should use the following procedure, performing the steps in the order shown:

  1. Use SHOW GRANTS to determine what privileges the account has. See Section 12.4.5.12, “SHOW GRANTS Syntax”.

  2. Use REVOKE to revoke the privileges displayed by SHOW GRANTS. This removes rows for the account from all the grant tables except the user table, and revokes any global privileges listed in the user table. See Section 12.4.1.2, “GRANT Syntax”.

  3. Delete the account by using DROP USER to remove the user table row.

In MySQL 5.0.2 and up, DROP USER removes the account row in the user table and also revokes the privileges held by the account. It is not necessary to use DROP USER in conjunction with REVOKE.

Important

DROP USER does not automatically close any open user sessions. Rather, in the event that a user with an open session is dropped, the statement does not take effect until that user's session is closed. Once the session is closed, the user is dropped, and that user's next attempt to log in will fail. This is by design.

Before MySQL 4.1.1, DROP USER is not available. You should first revoke the account privileges using SHOW GRANTS and REVOKE as just described. Then delete the user table row and flush the grant tables as shown here: 

mysql> DELETE FROM mysql.user
    -> WHERE User='user_name' and Host='host_name';
mysql> FLUSH PRIVILEGES;

User Comments

Posted by Jonathan Watt on May 24 2009 1:18pm[Delete] [Edit]

So DROP USER does not automatically close any open user sessions, but does it prevent that user from opening new sessions in the meantime?

Add your own comment.