When you install Adaptive Server and other Sybase products on your computer, the installation program configures several parameters to help you to manage the login security features while in Integrated or Mixed mode.
This sections describes the following management parameters:
To modify the parameter values, see “Modifying the parameter values”.
Adaptive Server uses the Default Login parameter to specify the Adaptive Server login name that an authorized user can enter when a network user name does not appear in the syslogins table. Standard mode does not use this value.
When there is no value for Default Login, Adaptive Server denies access to users who do not have a network user name in syslogins.
Adaptive Server uses the Default Domain parameter to specify the NT or LAN Manager domain name for matching network user names to Adaptive Server login names.
Because two different domains can define the same network user name for two different users, the following rules apply:
Adaptive Server can authorize access to both distinct users, but it must be able to distinguish between the two names in the login process for a trusted connection.
For user names defined in domains other than the parameter’s default value, Adaptive Server adds the domain name and a domain separator, a backslash character (\), to the network user name before looking for the user name in the syslogins table.
For example, the domain MARKETING is the Adaptive Server default definition, and two different users employ the network user name “john”, one in the MARKETING domain and the other in the ENGINEERING domain.
John in MARKETING accesses Adaptive Server with the login name of “john” over a trusted connection.
John in ENGINEERING accesses the same Adaptive Server with a login name of “ENGINEERING\john” to which his name was mapped before the software looked it up in syslogins.
When your server computer participates in a specific domain, set the Default Domain parameter to that domain name. Otherwise, set Default Domain to the server’s computer name.
The SetHostName parameter determines whether the host name from the client login record is replaced with the NT network user name for users under integrated security mode.
1 (enabled) – to include the network user name in the results of the sp_who system procedure.
0 (disabled) – the default, to omit the network user name from the results of the sp_who system procedure.
To modify the SetHostName value, which is located in the following Registry path: HKEY_LOCAL_MACHINE\SOFTWARE\Sybase\ Server\server_name, you must use the regedt32 utility.
For general information about regedt32, see your NT operating system documentation.
Certain characters that are valid for NT user names are not valid for Adaptive Server login user names. Such characters include the following:
Domain separator (\)
Space ( )
Hyphen (-)
Period (.)
Single quotation mark (’)
Exclamation point (!)
Percent sign (%)
Caret (^)
Ampersand (&)
Character mapping lets you determine how these invalid characters can be converted into characters that are valid for Adaptive Server.
For example, the NT user name “t-johns” contains a dash character (-), which is invalid in Adaptive Server. You can map the dash character to a valid “at” sign (@) to make the user name compatible with Adaptive Server, as “t@john”. The mapping stores the dash as an “at” sign, but displays it as a dash.
When you first install Adaptive Server, the installation program maps a few invalid characters to the valid characters that are listed in Table 8-5.
Invalid character |
Valid mapped character |
|---|---|
Domain separator (\) |
Underscore (_) |
Hyphen (-) |
Pound sign (#) |
Space ( ) |
Dollar sign ($) |
To modify the values for the Default Login, Default Domain, and SetHostName parameters, use one of the following utilities:
You can change the SetHostName value only through reged32.
Use the Server Config utility to modify the value only for Adaptive Server.
For general steps on using Server Config, see “Changing login security options”.
Use the regedt32 utility to change the value directly for use throughout your NT operating system.
For steps on using regedt32 to affect your operating system, see your NT operating system documentation.
