There are changes to some login policy options in SAP Sybase IQ 16.0.
Option | Description |
---|---|
AUTO_UNLOCK_TIME | New option. The time period after which locked accounts not granted the MANAGE ANY USER system privilege are automatically unlocked. This option can be defined in any login policy, including the root login policy. |
ROOT_AUTO_UNLOCK_TIME | New option. The time period after which locked accounts granted the MANAGE ANY USER system privilege are automatically unlocked. This option can be defined in the root login policy only. |
CHANGE_PASSWORD_DUAL_CONTROL | New option. Requires input from two users, each granted the CHANGE PASSWORD system privilege, to change the password of another user. |
LDAP_PRIMARY_SERVER | New option. Specifies the name of the primary LDAP server. |
LDAP_SECONDARY_SERVER | New option. Specifies the name of the secondary LDAP server. |
LDAP_AUTO_FAILBACK_PERIOD | New option. Specifies the time period, in minutes, after which automatic failback to the primary server is attempted. |
LDAP_FAILOVER_TO_STD | New option. Permits authentication with standard authentication when authentication with the LDAP server fails due to system resources, network outage, connection timeouts, or similar system failures. However, it does not permit an actual authentication failure returned from an LDAP server to fail over to standard authentication. |
LDAP_REFRESH_DN | New option. Updates the ldap_refresh_dn value in the
ISYSLOGINPOLICYOPTION system table with the current
time, stored in Coordinated Universal Time (UTC). Each time a user authenticates with LDAP, if the value of the option ldap_refresh_dn in ISYSLOGINPOLICYOPTION is more recent than the user_dn value in ISYSUSER, a search for a new user DN occurs. The user_dn value is then updated with the new user DN and the user_dn_changed_at value is again updated to the current time. |
See Reference: Statements and Options > SQL Statements > ALTER LOGIN POLICY Statement.