on 2010 Aug 24 5:05 PM
Is there a way (SQL Anywhere v11) to allow a custom authentication?
I'd like to allow a userid and password to be authenticated via LDAP.
Since the LDAP users can change daily it would be ideal if the Sybase user did not have to exist prior to the login. It's too much overhead to maintain users in both databases. I'd like to either add a user at that point or simply set all the "permissions and authorities" and move on.
I looked into the login_procedure option but it looks like at that point the connection has already been authenticated and the only option is to cancel.
Thank you for any suggestions.
Request clarification before answering.
Update: LDAP user authentication is now supported as of SQL Anywhere version 16.0.0. Documentation is here.
SQL Anywhere doesn't currently support LDAP User Authentication, although that is a feature we are considering for a future version.
You may be able to accomplish what you want using either Integrated Login or Kerberos support. Basically, depending on the configuration, they can authenticate the user logged into the Windows OS or Kerberos system (which includes Windows ActiveDirectory) and allow the user to login to the server without supplying a userid or password (instead the system passes and verifies their OS user credentials). You need to setup a mapping for each OS/Kerberos user or create the special guest database user as a catch-all for users that don't have explicit mappings.
See Integrated logins and Kerberos in the documentation for more info.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Here is the link to the Integrated Login help on DCX: http://dcx.sybase.com/index.html#1101en/dbadmin_en11/using-an-integrated-login.html and the link to the Kerberos setup: http://dcx.sybase.com/index.html#1101en/dbadmin_en11/da-kerberos-authentication.html
User | Count |
---|---|
46 | |
9 | |
8 | |
6 | |
5 | |
5 | |
4 | |
4 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.