LDAP is an industry standard for accessing directory services over a network. With version 12.5.1, Adaptive Server extends its LDAP support to include storage of user information.
With LDAP services enabled:
Adaptive Server authenticates clients with data from an LDAP server.
Users authenticate with passwords stored on an LDAP server rather than in the syslogins catalog. The LDAP server provides a centralized location for login accounts—both names and passwords.
Adaptive Server servers share user login data stored on the LDAP server.
Information formerly stored in syslogins is now managed and stored on an LDAP server. It is cached locally to preserve referential integrity and for other, database-specific uses.
With LDAP enabled, users have a single login and password throughout the enterprise.
Adaptive Server support for LDAP requires an ASE_DIRS license. To set up accounts, you must:
Add user login accounts to the LDAP server.
Construct an LDAP URL search string for user authentication to Adaptive Server using sp_ldapadmin.
Set the Adaptive Server configuration parameter enable ldap user auth to authorize the use of LDAP.
After a user account is added to the LDAP server, Adaptive Server can modify local characteristics of that account. A System Administrator or a System Security Officer can add a row in syslogins using sp_addlogin to set login-specific values—such as a default database or the granting of roles.
To aid migration of user accounts to the LDAP server, enable ldap user auth provides a setting that allows authentication through either the LDAP server or syslogins.
For more information, see the System Administration Guide.
