Viewing or Modifying Authority-Based User Properties

View or change the details of login parameters and authorities for authority-based users.

Prerequisites
Database Version Authority-Based User Permissions
SAP Sybase IQ 15.3 and 15.4 View any user property page – none.
Modify a password – you must have one of:
  • DBA authority
  • USER ADMIN authority
  • PERMS ADMIN authority
Modify a login policy – you must have one of:
  • DBA authority
  • USER ADMIN authority

Modify any other user property except those relating to permissions – you must have DBA authority.

For privileges relating to user permissions, see:
SAP Sybase IQ 16.0 Not Supported.
Task
  1. In the Perspective Resources view, select the resource, and select Resource > Administration Console.
  2. In the left pane, expand IQ Servers > Security > Authority-Based, and then select Users.
  3. Select a user from the right pane and either:
    • Click the arrow to the right of the name and select Properties, or
    • From the Administration Console menu bar, select Resource > Properties.
    The User Properties view appears
  4. View or edit the properties.
    • When you are modifying properties, you need not click Apply before changing screens; however, doing so saves any changes.
    • If you do not have privileges to modify properties, SAP Control Center displays the properties view in read-only mode.
    Area Description
    General

    Name – (Read-only) Name of the user.

    Enable Password – Allows the user to connect to the database with password security. Clearing this option disables the Password and Confirm Password options. User can log on without specifying a password.

    Password – The password for the user. Characters appear as asterisks.

    Confirm password – A field for confirming the password that you typed in the Password text box. The contents of the two fields must match exactly.

    Password creation time – Date and time when the password was created.

    Change password on next login – Select to force the user to change the password at the next login.

    Login policy – Select a login policy for the user from the list.

    Last login time – (Read-only) Last time the user successfully logged in.

    Failed login attempts – (Read-only) Number of times the user has tried to log in with an incorrect password.

    Locked – (Read-only) Displays false if the account is unlocked. Displays true if the user has exceeded the allowed number of failed login attempts.

    Unlock now – Unlocks the account if Locked is true.

    Comment – A text field for adding an optional comment about the user.
    Authorities

    Backup - Grants the ability to perform database backups.

    DBA - Grants the ability fully administer the database.

    Multiplex Admin - Grants the ability for Multiplex server administration.

    Operator - Grants the ability to backup and checkpoint databases, perform system monitoring, and drop connections.

    Perms Admin - Grants the ability to manage data permission, groups, authorities, and passwords.

    Profile - Grants the ability to perform application and procedure profiling, request log creation and analysis, and by the Index Consultant.

    Read client file - Grants the ability to read from a file on the client computer, for example when loading data.

    Read file - Grants the ability to the group to execute SELECT statements against a file using the OPENSTRING clause.

    Remote DBA - Grants Remote DBA authority to any table the group can access. To ensure that actions are secure, run the SQL Remote Message agent using a user ID with this type of authority.

    Resource - Grants the ability to create database objects.

    Space Admin - Grants the ability to perform dbspace management (including CREATE permission) and read-only selective database restoration.

    User Admin - Grants the ability to manage users, external logins, and login policies management.

    Validate - Grants the ability to validate tables, materialized views, and indexes.

    Note: Materialized views are only supported for tables in the IQ system store.

    Write client file - Grants the ability to write to a file on the client computer, for example when downloading data.

    LDAP Feature not supported in authority-based security model.
    Permission

    See Authority-Based User and Group Object Permissions.

  5. Do one of:
    • Click OK to update any changes to the database and exit the properties view.
    • Click Apply to update any changes to the database, but remain in the properties view.
    • Click Cancel to cancel any changes not updated to the database and exit the properties view.
Parent topic: Authority-Based Users
Related tasks
Creating an Authority-Based User
Deleting an Authority-Based User
Converting an Authority-Based User to a Group
Viewing or Modifying Authority-Based User Options
Generating Authority-Based User DDL Commands
Changing an Authority-Based User Password
Forcing an Authority-Based User to Change their Password
Unlocking an Authority-Based User Account
Changing an Authority-Based User Login Policy
Adding an Authority to an Authority-Based User
Removing an Authority from an Authority-Based User
Authenticating a Login Account for a Managed Resource
Related reference
Authority-Based User Privilege Summary