Chapter 1: System Procedures

sp_maplogin

Description

Maps external users to Adaptive Server logins.

Syntax

sp_maplogin (authentication_mech | null), (client_username | null), 
	(action | login_name | null)

Parameters

authentication_mech: is one of the valid values specified for authenticate with option in sp_modifylogin.

client_username: is an external user name. This user name can be an operating system name, a user name for an LDAP server, or anything else that the PAM library can understand. A null value indicates that any login name is valid.

action: indicates create login or drop. When create login is used, the login is created as soon as the login is authenticated. drop is used to remove logins.

login_name: is an Adaptive Server login that already exists in syslogins

Examples

Example 1

Maps external user “jsmith” to Adaptive Server user “guest”. Once authenticated, “jsmith” gets the privileges of “guest”. The audit login record shows both the client_username and the Adaptive Server user name:

sp_maplogin NULL, "jsmith", "guest"

Example 2

Tells Adaptive Server to create a new login for all external users authenticated with PAM, in case a login does not already exist:

sp_maplogin PAM, NULL, "create login"

Usage

Permissions

Only a System Administrator can execute sp_maplogin.

Auditing

Values in event and extrainfo columns from the sysaudits table are:

Event	Audit option	Command or access audited	Information in extrainfo
38	exec_procedure	Execution of a procedure	Roles – Current active roles Keywords or options – NULL Previous value – NULL Current value – NULL Other information – All input parameters Proxy information – Original login name, if set proxy in effect

View this book as PDF