Sybase IQ defines the rules to be followed when establishing a user’s database connection in a database object called a login policy. A login policy is a named object in the database that consists of a set of options. Each login policy is associated with a set of options called login policy options. For details, see Table 1-7 in Chapter 1, “SQL Statements,” in Reference: Statements and Options.
You must have DBA privileges to create new login policies or assign an existing login policy to a user. Login policies cannot be inherited through the user group hierarchy. For the SQL command syntax to manage policies, see ALTER LOGIN POLICY statement, CREATE LOGIN POLICY statement, and DROP LOGIN POLICY statement in Chapter 1, “SQL Statements,”in Reference: Statements and Options.
Each new database is created with a default login policy, called the root policy. You can modify the option values for the root login policy, but you cannot drop the policy. When a user account is created without specifying its login policy, the user becomes part of the root login policy. Any options that are not explicitly set when creating a login policy inherit their values from the root policy. For details on managing login policies, see “Managing login policies overview” in the SQL Anywhere Server – SQL Reference.
You can execute login management commands on any multiplex server and they get automatically propagated to all servers in the multiplex. As recommended for any DDL for performance reasons, these commands should be executed on the coordinator. For details, see Using Sybase IQ Multiplex.
Migrating databases to Sybase IQ 15.1 removes existing login management settings and replaces certain stored procedures and system tables with new ones listed in New Features in Sybase IQ 15.0. To recreate login management settings after migration, use the SQL syntax in the following section.
