cancel
Showing results for 
Search instead for 
Did you mean: 

LDAP in Version 12

Former Member
2,889

Does version 12x support using active directory to log a user in ? I have looked into integrated passwords, but the issue is passwords are changed every 30 days. Seems pretty inefficent to have to change the users password to match the new ad password everytime. Perhaps I am miss reading this, any thoughts or ideas would be appreciated. Currently we are on version 10.x, I have both 11.x and 12.x in house looking to upgrade. Running 32bit version on a 64bit Windows machine.

Accepted Solutions (0)

Answers (2)

Answers (2)

graeme_perrow
Advisor
Advisor

No, SA does not support LDAP user authentication, but it is on our list of "enhancements to consider for a future release".

However, you do not need to change the user's password in SA to match the AD password. The SA user account needs to have a password, but it does not need to match the one used by integrated login.

Former Member
0 Kudos

Thanks Graeme, the error I was making was not putting in a password for the user in the database. Once I deleted the user and recreated them with a password that was different than the AD password and created the login mapping I was able to connect using the integrated option.

Former Member

Depending on your requirements, the integrated logins may work for you: http://dcx.sybase.com/index.html#1201/en/dbadmin/using-an-integrated-login.html

This allows the Windows username/password to be used to authenticate to an account on the database server. You can also setup a "guest" account for authentication of users who do not have an account mapping on the database server.

The username and password are authenticated against the server you specify. The only caveat is that you don't actually have to type the username/password to login to the database; only the current user logged in on the system is authenticated (and this means the user may also be required to login to the necessary domain rather than a local account to their machine).

Former Member
0 Kudos

perhaps I am not understanding the documentation correctly. I have created a new 11 database. I have set the login to integrated and standard. I have set the domain controler for the database. The user has been created in the database with the same id as the user logged onto the domain. The only way I can get the connection to automatically connect is to make sure that the user in the database is set up with the same password as in the domain. If this is the case than every 30 days when my users are required to change their domain password, the password in the database would also have to change to keep them in sync.

Is this correct or am I just missing some part of the picture here ?

Former Member
0 Kudos

You should be able to connect without making the passwords match. Perhaps you could test doing the "Guest" account only to see if the integrated login works. The guest account itself is used if an integrated login does not exist, it allows it to default to "Guest"; considering this, many users will have different passwords so the one stored in the database need not match.

Apart from that, are you still supplying username/password in the connection string and/or are you using the INTEGRATED=YES option?

Former Member
0 Kudos

Thanks Tyson, You are correct I was finally able to make the connection with non matching passwords. Thanks for the help.