The Sybase IQ login management facility helps you manage users and connections to a database.
Users with DBA or USER ADMIN authority can add or drop users and control connections by:
Limiting the number of active logins for a single user.
To do this, assign a user to a login policy in which you have specified the max_connections login policy option.
Locking out a user.
To do this, assign a user to a login policy that has the locked option set ON.
Setting user password expirations.
To do this, specify the max_failed_login_attempts and max_days_since_login for a login policy and assign a user to this policy. You can also explicitly expire a user password by using the FORCE PASSWORD CHANGE clause in the SQL statement CREATE/ALTER USER.
For the SQL command syntax to manage policies, see CREATE LOGIN POLICY, ALTER LOGIN POLICY, and DROP LOGIN POLICY in Reference: Statements and Options.
Each new database contains a login policy named root. You can modify the option values for the root login policy, but you cannot drop the policy. When a user account is created without specifying its login policy, the user becomes part of the root login policy.
Table 8-4 lists the procedure you call to perform each Sybase IQ login management function.
Stored procedure |
Purpose |
Authority required |
|---|---|---|
sa_get_user_status |
Retrieve the current status of all existing users |
DBA or USER ADMIN |
sp_expireallpasswords |
Cause all user passwords to expire immediately |
DBA or USER ADMIN |
sp_iqaddlogin |
Add users, define their passwords, specify login policy and password expiry on next login |
DBA |
sp_iqcopyloginpolicy |
Create a new login policy by copying an existing one |
DBA |
sp_iqdroplogin |
Drop the specified user |
DBA |
sp_iqmodify |
Assign a given user to a login policy |
DBA |
sp_iqmodifyadmin |
Set an option on a named login policy to a certain value |
DBA |
sp_iqpassword |
Change a user’s password |
DBA to change another user’s password. All users can run sp_iqpassword to change their own passwords. |
For details of Sybase IQ login management procedures, see Chapter 7, “System Procedures” in Reference: Building Blocks, Tables, and Procedures
For system tables used in Sybase IQ login management, see Chapter 8, “System Tables and Views,” in Reference: Building Blocks, Tables, and Procedures.
