Chapter 14: Managing Adaptive Server Logins, Database Users, and Client Connections  Choosing and creating a password

Chapter 14: Managing Adaptive Server Logins, Database Users, and Client Connections

Overview

The responsibility of adding new logins to Adaptive Server, adding users to databases, and granting them permission to use commands and database objects is divided among the system security officer, system administrator, and database owner.

NoteSee “Adding new users” for information about creating login accounts for a particular server using sp_addlogin, which stores account information in the syslogins table on that server. You can also create and store login accounts on a LDAP server.

StepsAdding new users

  1. A system security officer uses sp_addlogin to create a server login account for a new user.

  2. A system administrator or database owner uses sp_adduser to add a user to a database or assign a user to a group. For more information, see “Creating groups”. You can give a user access to a database using an alias. See “Adding aliases”.

  3. A System Security officer grants specific roles to the user.

  4. A system administrator, database owner, or object owner grants the user or group specific permissions on specific commands and database objects. Users or groups can also be granted permission to grant specific permissions on objects to other users or groups. See Chapter 17, “Managing User Permissions” for detailed information about permissions.

Table 14-1 summarizes the system procedures and commands used for these tasks.

Table 14-1: Adding users to Adaptive Server and databases

Task

Required role

Command or procedure

Database

Create new logins, assign passwords, default databases, default language, and full name

System security officer

sp_addlogin

Any database

Create groups

Database owner or system administrator

sp_addgroup

User database

Create and assign roles

System security officer

create role, grant role

Master database

Add users to database and assign groups

Database owner or system administrator

sp_adduser

User database

Alias users to other database users

Database owner or system administrator

sp_addalias

User database

Grant groups, users, or roles permission to create or access database objects and run commands

Database owner, system administrator, system security officer, or object owner

grant

User database



Copyright © 2008. Sybase Inc. All rights reserved. Choosing and creating a password

View this document as PDF