Enables Kerberos-authenticated connections to the database server.
{ dbsrv11 | dbeng11 } -krb ...
All operating systems except Windows Mobile.
This option enables Kerberos authentication to the database server. You must specify one or more of the -krb, -kl, and -kr options for the database server to be able to authenticate clients using Kerberos.
Before you can use Kerberos authentication, a Kerberos client must already be installed and configured on both the client and database server computers. Additionally, the principal server-name@REALM must already exist in the Kerberos KDC, and the keytab for the principal server-name@REALM must already have been securely extracted to the keytab file on the database server computer. The database server will not start if the -krb option is specified, but this setup has not been performed.
The database server name cannot contain any of the following characters: /, \, or @, and database server names with multibyte characters cannot be used with Kerberos.
The login_mode database option must be set to allow Kerberos logins, and Kerberos client principals must be mapped to database user IDs using the GRANT KERBEROS LOGIN statement.
For a Kerberos principal for the database server named my_server_princ@MYREALM, the following command starts a database server named my_server_princ.
dbsrv11 -krb -n my_server_princ C:\kerberos.db |
Discuss this page in DocCommentXchange. Send feedback about this page using email. |
Copyright © 2009, iAnywhere Solutions, Inc. - SQL Anywhere 11.0.1 |