Adaptive Server increases security by integrating the default Adaptive Server login process with Windows security features. The resulting integrated security modes add the following conveniences for users:
Authorized users do not have to maintain separate login passwords for Adaptive Server and Windows.
System Administrators can take advantage of Windows security features such as encrypted passwords, password aging, domain-wide user accounts, and Windows-based user and group administration.
Combined login security operates only over network protocols that support authenticated connections between clients and servers. Such connections are referred to as trusted connections.
Trusted connections are limited to client applications that access Adaptive Server by using the Named Pipes protocol.
Other network
protocols, such as TCP/IP sockets and IPX/SPX,
do not support authenticated connections, so clients on these protocols
are handled according to the standard Adaptive Server login mechanism.
A System Administrator must use sp_grantlogin to assign permissions to Windows users and groups. Using sp_grantlogin, the System Administrator has the following additional options:
Assigning one or more Adaptive Server roles to Windows users and groups
Designating that the user or group should receive the default database object permissions assigned by the grant command
If the System Administrator does not use sp_grantlogin to assign user or group permissions, users cannot log in through trusted connections. For more information, see “Permitting trusted connections”.
Adaptive Server
does not permit trusted connections for Windows users named “sa.” The
user name “sa” is reserved for the default Adaptive
Server System Administrator account.
Adaptive Server provides the following modes for configuring login security:
Standard
Integrated
Mixed
