Before you continue playing with mysqladmin, you need to make sure your installation is not intentionally giving away access.
For starters, can you login to mysql like this?
# mysql <hit enter>
If you can get just like that, run this command:
SELECT USER(),CURRENT_USER();
- USER() reports how you attempted to authenticate in MySQL
- CURRENT_USER() reports how you were allowed to authenticate in MySQL
If CURRENT_USER() return a user and host where the user is blank, then you were allowed in as an anonymous user. At that point, you can remove anonymou users with this:
DELETE FROM mysql.user WHERE user='';
FLUSH PRIVILEGES;
Now, locate all users with no password with this:
SELECT user,host,password FROM mysql.user;
If any users have no password, you can issue new passwords for user using mysqladmin or you could just assign them as follows:
UPDATE mysql.user SET password=PASSWORD('whateverpassword') WHERE user='...' AND host='...';
FLUSH PRIVILEGES;
Now, check for remote users
SELECT user,host FROM mysql.user WHERE host='%';
If you see any, run this:
DELETE FROM mysql.user WHERE host='%';
FLUSH PRIVILEGES;
Make sure when all is said and done that at least root@localhost and/or root@127.0.0.1 exist and have a password
SELECT user,host,password FROM mysql.user WHERE user='root';
I could probably go on. Here are other posts I have about stuff like this:
Best Answer
By default, MySQL server accounts, with the default authentication plugin, are completely unrelated to system or network users. That means that (again, stress on by default), whenever you run:
CREATE USER
you are creating a mysql-only account, no matter if it has the same name than other system (os) or authentication methods.However, MySQL has available authentication plugins, which you can enable on a per-account basis, and link it, for example, to OS accounts or LDAP/domain network accounts.
I am personally not familiar with Microsoft Authentication methods (I am myself a Linux administrator, so I only familiar with plugins such as unix_socket and PAM) but a quick search tells me that such plugins indeed exist:
https://dev.mysql.com/doc/refman/5.5/en/windows-pluggable-authentication.html
I can even see MySQL installed on Linux servers using PAM to authenticate using windows servers:
https://runops.wordpress.com/2015/03/19/how-to-setup-active-directory-authentication-in-mysql-running-on-linux/
If you were unsuccessful with trying those, or don't want to pay for them, you could setup an external utility to sync domain users with MySQL local users.