Last updated April 9, 2016. Created on December 15, 2009.
Edited by xangy, gdaw, yogeshchaugule8, gonzalam. Log in to edit this page.

This article is meant to disambiguate the use of the term "user" as it applies to the installation of a Drupal web site.

There are several steps involved in installing Drupal. In several of the steps, "user" information is needed for a particular kind of "account". In order to help you keep the concept of "user" straight, this article outlines the different kinds of "users." A "user" is not associated with an individual person in three of the four user types mentioned here. To help sort that out for each kind of user, the question is asked, "Who is..." in order to map the "user" to the actual people.

This is not an installation guide. Rather, it is a background piece which provides a bigger picture that might make installation and planning easier.

  1. Computer User: The person installing Drupal must have access to the computer where the installation lives. If you are installing Drupal locally on your own computer, then the "computer user" is you. It is also important to note that you are most likely the "administrator" user role, too. If you are installing Drupal at a remote server such as a web hosting company, then the computer user account could be called one of the following (not a complete list):
    • Web hosting account login
    • FTP login
    • cPanel login
    • Secure shell (SSH) login

    Who are the people who are associated with the computer user? In some cases, like for your own computer or for some FTP logins, these "users" are individual people. In other cases, such as a web hosting account login or cPanel, one user (or "account") name/password is used to log in to control the account and may be shared by several people.

  2. Database User: A Drupal installation requires a database to run. (MySQL and PostgreSQL are the best supported database programs compatible with Drupal.) Databases typically have access control mechanisms and require "users" with the right permissions to change the database (add/edit/remove data, create tables, etc.). A Drupal installation needs to have full control over the database, so when you set up a new Drupal site, you (or your web hosting company) create a database user with full privileges and then give the user name and password to the Drupal installation so that Drupal will have full control over the database. The database user information is stored in the settings.php file, which is either in sites/default or a different subdirectory of sites in your Drupal installation.

    Who is the database user? The database "user" is not a person. It is an account created with the database software in order to give Drupal control of the database.

  3. User/1: "User/1", also known as the "maintenance account" or "super-user account" is the Drupal account you are prompted to create immediately after you have successfully installed a new Drupal site. This account is unique to your site (it doesn't have anything to do with or any other web site). This account is different from all other users in a Drupal installation because it has no permissions limitations ("permissions" were called "access control" in Drupal 5 and before). "User/1", in Drupal 6 and before, is also the only account that can launch the update.php script that you need to run after a software upgrade.

    Who is user/1? User/1 shouldn't be associated with an individual person, but rather with the person or persons who have the responsibility for keeping software up-to-date on your site.

    It is a best practice to avoid creating site content with user/1. That is so because it is awkward when responsibility for site maintenance done as User/1 needs to change to a new person if the original User/1 wrote content that still needs to be associated with him/her. The content written by the original author would have to then be assigned to a new user account. It's better to simply create that second account immediately after installing the site.

  4. User/2 and all other users: User/2 and all other registered users on your Drupal site should each be associated with an individual person. Registered users can be assigned to roles, which are given fine-grained permissions to allow different users different access to administer the site and add content.
  5. User/0 or Anonymous user: User/0 is reserved for the unregistered/anonymous user. In database 'users' table uid = 0 is assigned for anonymous users. Note: In Database's users table, uid = 0 row must exist or the site will have severe problems.

Looking for support? Visit the forums, or join #drupal-support in IRC.


brankoc’s picture

There is a fifth user, the web server. Typically (as in: with shared hosting) the web server user does not have write access to files uploaded by FTP and vice versa, which can be a problem once the one tries to delete or overwrite files created by the other.

There is little you can do about this, except make sure that you use Drupal to manage files that are to be under Drupal's control.

lesleyb’s picture

User/0 is mentioned in General Concepts but not listed here.
I don't regard Computer User as equivalent

sunil mishra’s picture

Yes that would fit well here and also I think database user and computer user should be listed separately as to distinguish from actual roles within drupal.

Heymi’s picture

I've always found it interesting why a lot vbulletin forums avoided creating the admin user as id=1 always thought it was a security feature. After reading this it seems it wasn't the case.