Verifying your login to Adaptive Server using Kerberos authentication

To verify your login to Adaptive Server using Kerberos authentication, assume that:

• $SYBASE refers to your release and installation directory.

• $SYBASE_ASE refers to the Adaptive Server version directory that contains your server binary.

• $SYBASE_OCS refers to the Open Client/Server version directory.

Example 27

Example 28

sybmapname is loaded by Adaptive Server at runtime and uses its logic to do the necessary mapping.

The following actions and output further illustrate the sybmapname function described in Example 2. The sybmapname.c file containing the customized definition for syb__map_name() should be compiled and built as a shared object (or DLL), and finally placed in the appropriate path location. Start Adaptive Server with the Kerberos security mechanism enabled.

To initialize the Ticket Granted Ticket (TGT):

$ /krb5/bin/kinit johnd@public
Password for johnd@public:
$

To list the TGT:

$ /krb5/bin/klist
   Cache Type: Kerberos V5 credentials cache
   Cache Name: /krb5/tmp/cc/krb5cc_9781
Default principal: johnd@public

Log in as “sa” and verify the user login for “johnd”:

$ $SYBASE/$SYBASE_OCS/bin/isql -Usa -P 
      -Ipwd`/interfaces
1>

1> sp_displaylogin johnd
2> go
No login with the specified name exists.
(return status = 1)

1> sp_displaylogin JOHND
2> go
Suid: 4
Loginame: JOHND
Fullname:
Default Database: master
Default Language:
Auto Login Script:
Configured Authorization:
Locked: NO
Password expiration interval: 0
Password expired: NO
Minimum password length: 6
Maximum failed logins: 0
Current failed login attempts:
Authenticate with: ANY
(return status = 0)

Successful Kerberos authentication, which maps lower case johnd to uppercase JOHND using the sybmapname utility and allows user johnd to log in to Adaptive Server:

$ $SYBASE/$SYBASE_OCS/bin/isql -V -I'pwd'/interfaces
1>