Locking Adaptive Server login accounts and roles

To prevent a user from logging in to Adaptive Server, you can either lock or drop an Adaptive Server login account. Locking a login account maintains the suid so that it cannot be reused.

Execute sp_locklogin to lock login accounts.

Audit records with audit event AUD_EVT_LOGIN_LOCKED (112) are generated under the login_locked audit option when the login account is locked because login attempts have reached a configured maximum failed login value.

WARNING! Adaptive Server may reuse the server user ID (suid) of a dropped login account when the next login account is created. This occurs only when the dropped login holds the highest suid in syslogins; however, it can compromise accountability if execution of drop login is not being audited. Also, it is possible for a user with the reused suid to access database objects that were authorized for the old suid.

You cannot drop a login when:

The system security officer can lock or drop a login using sp_locklogin or drop login. If the system procedure is being logged for replication, the system security officer must be in the master database when issuing the command.
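The following batch is an added example, not taken from the Adaptive Server documentation. It applies the warning above by checking whether a login holds the highest suid in syslogins before deciding between locking and dropping it. The login name jdoe is a constructed placeholder, and the batch assumes it is run from the master database by a system security officer.

```sql
-- Added example: decide between locking and dropping a login based on
-- the suid-reuse condition described in the warning above.
-- 'jdoe' is a constructed placeholder login name.
use master
go

declare @login    varchar(30),
        @suid     int,
        @max_suid int

select @login = 'jdoe'

-- Look up the suid of the target login and the highest suid in use.
select @suid = suid
from master..syslogins
where name = @login

select @max_suid = max(suid)
from master..syslogins

if @suid is null
begin
    print 'Login %1! does not exist in syslogins.', @login
end
else if @suid = @max_suid
begin
    -- A dropped login with the highest suid can have that suid reused
    -- by the next login created, so keep the suid reserved by locking.
    print 'Login %1! holds the highest suid (%2!); locking instead of dropping.',
          @login, @suid
    exec sp_locklogin @login, 'lock'
end
else
begin
    -- The suid is not the highest, so the reuse condition does not apply.
    -- Locking still blocks the login; drop login is left to the operator.
    print 'Login %1! (suid %2!) does not hold the highest suid; locking.',
          @login, @suid
    exec sp_locklogin @login, 'lock'
end
go

-- With no parameters, sp_locklogin lists the currently locked logins.
exec sp_locklogin
go
```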