Use sp_addlogin to add a new login name to Adaptive Server. You do not use it to give the user permission to access user databases. Use sp_adduser for that purpose. Only the System Security Officer can execute sp_addlogin. The syntax is:
sp_addlogin loginame, passwd [, defdb] [, deflanguage [, fullname]]]
where:
loginame – is the new user’s login name. The login name must follow the rules for identifiers and must be unique on Adaptive Server. To simplify both the login process and server administration, make the Adaptive Server login name the same as the user’s operating system login name. This makes logging in to Adaptive Server easier because many client programs use the operating system login name as a default. It also simplifies management of server and operating system login accounts, and makes it easier to correlate usage and audit data generated by Adaptive Server and by the operating system.
passwd – is the password for the new user. For guidelines on choosing and creating secure passwords, see “Choosing and creating a password”. For information on changing a password, see “Changing passwords”.
defdb – is the default database, where the user starts each session of Adaptive Server.
The default database is master. To discourage users from creating database objects in the master database, assign a default database other than master to most users.
A System Administrator can change anyone’s default database with sp_modifylogin. Other users can change only their own default database.
After specifying the default database, add the user to the default database with sp_adduser so that he or she can log in directly to the default database.
deflanguage – is the default language in which the user’s prompts and messages are displayed. If you omit this parameter, Adaptive Server’s default language is used. A System Administrator can change any user’s default language with sp_modifylogin. Other users can change only their own language.
fullname – is the full name of the user. This is useful for documentation and identification purposes. If omitted, no full name is added. A System Administrator can change any user’s full name with sp_modifylogin. Other users can change only their own full name.
The following statement sets up an account for the user “maryd” with the password “100cents,” the default database (master), the default language, and no full name:
sp_addlogin "maryd", "100cents"
The password requires quotation marks because it begins with 1.
After this statement is executed, “maryd” can log in to Adaptive Server. She is automatically treated as a “guest” user in master, with limited permissions, unless she has been specifically given access to master.
The following statement sets up a login account (“omar_khayyam”) and password (“rubaiyat”) and makes pubs2 the default database for this user:
sp_addlogin omar_khayyam, rubaiyat, pubs2
To specify a full name for a user and use the default database and language, specify null in place of the defdb and deflanguage parameters. For example:
sp_addlogin omar, rubaiyat, null, null, "Omar Khayyam"
Alternatively, you can specify a parameter name, in which case you do not have to specify all the parameters. For example:
sp_addlogin omar, rubaiyat, @fullname = "Omar Khayyam"
When you execute sp_addlogin, Adaptive Server adds a row to master.dbo.syslogins, assigns a unique user ID (suid) for the new user, and fills in other information. When a user logs in, Adaptive Server looks in syslogins for the name and password provided by the user. The password column is encrypted with a one-way algorithm so it is not human-readable.
The suid column in syslogins uniquely identifies each user on Adaptive Server. A user’s suid remains the same, no matter what database he or she is using. The suid 1 is always assigned to the default “sa” account that is created when Adaptive Server is installed. Other users’ server user IDs are integers assigned consecutively by Adaptive Server each time sp_addlogin is executed.
Copyright © 2005. Sybase Inc. All rights reserved. |