Sybase IQ defines the rules to be followed when establishing a user’s database connection in a database object called a login policy. A login policy is a named object in the database that consists of a set of options. Each login policy is associated with a set of options called login policy options. See Table 1-5 in Chapter 1, “SQL Statements,” in Reference: Statements and Options.
You must have DBA privileges or USER ADMIN authority to create new login policies or assign an existing login policy to a user. Login policies cannot be inherited through the user group hierarchy. For the SQL command syntax to manage policies, see ALTER LOGIN POLICY statement, ALTER USER statement, CREATE LOGIN POLICY statement, and DROP LOGIN POLICY statement in Chapter 1, “SQL Statements,”in Reference: Statements and Options.
Each new database is created with a default login policy, called the root policy. You can modify the option values for the root login policy, but you cannot drop the policy. When you create a user account without specifying a login policy, the user becomes part of the root login policy. Any options that are not explicitly set when creating a login policy inherit their values from the root policy.
See "Managing login policies overview".
You can execute login management commands on any multiplex server; they automatically propagate to all servers in the multiplex. For best performance, Sybase recommends that you execute these commands, or any DDL, on the coordinator. See Using Sybase IQ Multiplex.
Migrating databases to Sybase IQ 15.2 from 12.7 removes existing login management settings. To re-create login management settings after migration, use the SQL syntax in the following section.