sp_addexternlogin

Description

(Component Integration Services only) Creates an alternate login account and password to use when communicating with a remote server through Component Integration Services.

Syntax

sp_addexternlogin server, loginame, externname 
	[, externpasswd] [rolename]

Parameters

server

is the name of the remote server. The remote_server must be known to the local server by an entry in the master.dbo.sysservers table.

loginame

is an account known to the local server. loginame must be represented by an entry in the master.dbo.syslogins table. The “sa” account, the “sso” account, and the loginame account are the only users authorized to modify remote access for a given local user.

externnname

is an account known to the server and must be a valid account on the node where the server runs. This is the account used for logging into the server.

externpasswd

is the password for externnname.

rolename

is the Adaptive Server user’s assigned role. If rolename is specified, login_name is ignored.

Examples

Example 1

Tells the local server that when the login name “bobj” logs in, access to the remote server OMNI1012 is by the remote name “jordan” and the remote password “hitchpost”. Only the “bobj” account, the “sa” account, and the “sso” account have the authority to add or modify a remote login for the login name “bobj”:

sp_addexternlogin OMNI1012, bobj, jordan, hitchpost

Example 2

Shows a many-to-one mapping so that all Adaptive Server Enterprise users that need a connection to DB2 can be assigned the same name and password:

sp_addexternlogin DB2, NULL, login2, password2

Example 3

Adaptive Server Enterprise roles can also be assigned remote logins. With this capability, anyone with a particular role can be assigned a corresponding login name and password for a given remote server:

sp_addexternlogin DB2, NULL, login3, password3, role

Usage

Permissions

The permission checks for sp_addexternlogin differ based on your granular permissions settings.

Granular permissions enabled

With granular permissions enabled, you must be a user with manage any remote login privilege. Any user can execute sp_addexternlogin for their own login.

Granular permissions disabled

With granular permissions disabled, you must be a user with sa_role or sso_role. Any user can execute sp_addexternlogin for their own login.

Auditing

Values in event and extrainfo columns from the sysaudits table are:

Event

Audit option

Command or access audited

Information in extrainfo

38

exec_procedure

Execution of a procedure

  • Roles – Current active roles

  • Keywords or options – NULL

  • Previous value – NULL

  • Current value – NULL

  • Other information – All input parameters

  • Proxy information – Original login name, if set proxy in effect

See also

System procedures sp_addserver, sp_dropexternlogin, sp_helpexternlogin, sp_helpserver