The Sybase IQ login management facility helps you manage users and connections to a database.
Limiting the number of active logins for a single user.
To do this, assign a user to a login policy in which you have specified the max_connections login policy option.
Locking out a user.
To do this, assign a user to a login policy that has the locked option set ON.
Setting user password expirations.
To do this, specify the max_failed_login_attempts and max_days_since_login for a login policy and assign a user to this policy. You can also explicitly expire a user password by using the FORCE PASSWORD CHANGE clause in the SQL statement CREATE/ALTER USER.
For the SQL command syntax to manage policies, see CREATE LOGIN POLICY, ALTER LOGIN POLICY, and DROP LOGIN POLICY in Reference: Statements and Options.
Each new database contains a login policy named root. You can modify the option values for the root login policy, but you cannot drop the policy. When a user account is created without specifying its login policy, the user becomes part of the root login policy.
This table lists the procedure you call to perform each Sybase IQ login management function.
Stored procedure |
Purpose |
Authority required |
|---|---|---|
sa_get_user_status |
Retrieve the current status of all existing users |
DBA or USER ADMIN |
sp_expireallpasswords |
Cause all user passwords to expire immediately |
DBA or USER ADMIN |
sp_iqaddlogin |
Add users, define their passwords, specify login policy and password expiry on next login |
DBA |
sp_iqcopyloginpolicy |
Create a new login policy by copying an existing one |
DBA |
sp_iqdroplogin |
Drop the specified user |
DBA |
sp_iqmodify |
Assign a given user to a login policy |
DBA |
sp_iqmodifyadmin |
Set an option on a named login policy to a certain value |
DBA |
sp_iqpassword |
Change a user’s password |
DBA to change another user’s password. All users can run sp_iqpassword to change their own passwords. |