Login Policy Option Configuration

You can use ALTER LOGIN POLICY to configure login policy options.

Example

The following example overrides the login policy settings on two logical servers, enabling distributed query processing on logical server ls1 and increasing the maximum number of connections on logical server ls2

ALTER LOGIN POLICY lp1 dqp_enabled=ON LOGICAL SERVER ls1;

ALTER LOGIN POLICY lp2 max_connections=20 LOGICAL SERVER ls2;

Usage

Applies to multiplex only.

A logical server level override means that a particular login policy option has different settings for different logical servers. SYS.ISYSIQLSLOGINPOLICYOPTION stores login policy option values for logical server override. For each logical server override of a login policy option of a login policy, a corresponding row exists in ISYSIQLSLOGINPOLICYOPTION.

Note: You can only specify a logical server override setting for login policy options max_connections and dqp_enabled. (The dqp_enabled option only affects multiplex servers. See Multiplex Reference > Database Options > dqp_enabled Option.) You cannot specify logical server overrides for the root login policy.

Login Policy Options
Option	Description	Values	Initial value for ROOT policy	Applies to
`dqp_enabled`	If ON, enables distributed query processing for users assigned to that login policy.	ON, OFF	ON	Multiplex servers only. All users including those with DBA authority...
`locked`	If the value for this option is ON, users are prohibited from establishing new connections	ON, OFF	OFF	Users without DBA authority only
`max_connections`	The maximum number of concurrent connections allowed for a user.	0 – 2147483647	Unlimited	Users without DBA authority only
`max_days_since_` `login`	The maximum number of days that can elapse between two successive logins by the same user.	0 – 2147483647	Unlimited	Users without DBA authority only
`max_failed_` `login_attempts`	The maximum number of failed attempts, since the last successful attempt, to login to the user account before the account is locked.	0 – 2147483647	Unlimited	Users without DBA authority only
`max_non_dba_` `connections`	The maximum number of concurrent connections that a user without DBA authority can make. This option is only supported in the root login policy.	0 – 2147483647	Unlimited	Users without DBA authority only. Only to the root login policy.
`password_expiry_` `on_next_login`	If the value for this option is ON, the user's password will expire in the next login.	ON, OFF	OFF	All users including those with DBA authority
`password_grace_` `time`	The number of days before password expiration during which login is allowed but the default post_login procedure issues warnings.	0 – 2147483647	0	All users including those with DBA authority
`password_life_` `time`	The maximum number of days before a password must be changed.	0 – 2147483647	Unlimited	All users including those with DBA authority

Note: Sybase IQ no longer supports the MULTIPLEX SERVER override clause. Using ALTER LOGIN POLICY statement with the MULTIPLEX SERVER override clause for login policy options returns an error.