When you configure an external authentication mechanism, if there is a single mapping of an external user to an internal Adaptive Server login, and if the mapping is successfully authenticated, Adaptive Server updates the internal login password to match the external user’s password. For example:
A user has an Adaptive Server login name of user_ase (with password user_password), and an LDAP login name of user_ldap (with password user_ldappasswd).
The produces a one to one mapping for user_ldap to user_ase.
When user_ldap logs into Adaptive Server using the user_ldappassword, Adaptive Server updates the password for user_ase to user_ldappassword
The benefit of mapping the Adaptive Server login name to the LDAP password is that the user can log in with the most recently used LDAP password if the LDAP server crashes. That is, when a user has a one-to-one mapping of a user name to an LDAP password for Adaptive Server authentication, the user appears to have uninterrupted authentication to Adaptive Server because the password is updated locally when it is used to authenticate the login.
However, Adaptive Server does not update the password locally when more than one external user is mapped to the local user. If the LDAP server crashes, Adaptive Server cannot authenticate multiple external users mapped to a single Adaptive Server user.
