Logging in to Replication Server

Connect to Replication Server using a client application such as isql or a custom application program you create with Open Client Client-Library. The isql utility includes command line options that enable network-based security services for the connection to Replication Server.

Table 8-11 describes the command line options that you can use with isql to enable network-based security on the connection.

**Table 8-11: isql command line options for security**
Option name	Meaning
-K keytab_file	Use only with DCE security. It specifies a DCE keytab file that contains the security key for the user logging into the server. Keytab files can be created with the DCE dcecp utility—see your DCE documentation for more information. Replication Server must have read permission on this file. For Kerberos users: Specify the location of the key table file using the key table registry key entry (Windows 2000 or 2003).
-S server_name	Specifies the server’s network name. If unified login is enabled, this option also specifies the principal user.
-V security_options	Specifies unified login. With this option, the user must log in to the network’s security system before running the isql utility. If a user specifies the -U option, the user must supply the network user name known to the security mechanism; any password supplied with the -P option is ignored. -V can be followed by a string of options that enable additional security services. Here is a list of options and the services they enable. c – data confidentiality i – data integrity m – mutual authentication o – data origin stamping service r – data replay detection q – out-of-sequence detection
-X	Specifies that connections are made with encrypted passwords.
-Z security_mechanism	Specifies the name of a security mechanism to use on the connection to Replication Server. Supported security mechanism names are listed in the libtcl.cfg file. If no security mechanism is supplied, the default is used, which is the first security mechanism listed under SECURITY in libtcl.cfg.

Examples of connecting to Replication Server

You can connect to Replication Server by logging in to the security mechanism and then logging in to Replication Server, or you can log directly in to Replication Server.

You must include the -S flag to identify the principal user. Some sample logins follow.

Connecting to Replication Server from the security mechanism

To log in first to the DCE security mechanism and then to Replication Server, you can follow these steps:

Log in to the DCE security mechanism and receive a credential:
- For DCE, enter
```
dce_login user_name password
```
- For Kerberos, enter
```
kinit user_name password
```

For DCE, enter

isql -Srs_server_name -Vsecurity_option

For Kerberos, enter

isql -Srs_server_name -Vsecurity_option

When using DCE, if you want to log in as another user, you must include the -U and -K options.

Connecting to Replication Server from outside security

To connect to Replication Server from outside the security mechanism, you can enter:

For DCE, enter

isql -Srs_server_name -Uuser_name 
     -Kkeytab_file

For Kerberos, enter
```
isql -Srs-server_name -Yuser_name
```