sp_maplogin

Description

Maps external users to Adaptive Server logins.

Syntax

sp_maplogin (authentication_mech | null), (client_username | null), 
	(action | login_name | null)

Parameters

authentication_mech

is one of the valid values specified for authenticate with option in sp_modifylogin.

client_username

is an external user name. This user name can be an operating system name, a user name for an LDAP server, or anything else that the PAM library can understand. A null value indicates that any login name is valid.

action

indicates create login or drop. When create login is used, the login is created as soon as the login is authenticated. drop is used to remove logins.

login_name

is an Adaptive Server login that already exists in syslogins

Examples

Example 1

Maps external user “jsmith” to Adaptive Server user “guest”. Once authenticated, “jsmith” gets the privileges of “guest”. The audit login record shows both the client_username and the Adaptive Server user name:

sp_maplogin NULL, "jsmith", "guest"

Example 2

Tells Adaptive Server to create a new login for all external users authenticated with PAM, in case a login does not already exist:

sp_maplogin PAM, NULL, "create login"

Usage

Permissions

Only a System Administrator can execute sp_maplogin.

Auditing

Values in event and extrainfo columns from the sysaudits table are:

Event

Audit option

Command or access audited

Information in extrainfo

38

exec_procedure

Execution of a procedure

  • Roles – Current active roles

  • Keywords or options – NULL

  • Previous value – NULL

  • Current value – NULL

  • Other information – All input parameters

  • Proxy information – Original login name, if set proxy in effect