on 2011 Aug 24 3:26 PM
Does version 12x support using active directory to log a user in ? I have looked into integrated passwords, but the issue is passwords are changed every 30 days. Seems pretty inefficent to have to change the users password to match the new ad password everytime. Perhaps I am miss reading this, any thoughts or ideas would be appreciated. Currently we are on version 10.x, I have both 11.x and 12.x in house looking to upgrade. Running 32bit version on a 64bit Windows machine.
No, SA does not support LDAP user authentication, but it is on our list of "enhancements to consider for a future release".
However, you do not need to change the user's password in SA to match the AD password. The SA user account needs to have a password, but it does not need to match the one used by integrated login.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Depending on your requirements, the integrated logins may work for you: http://dcx.sybase.com/index.html#1201/en/dbadmin/using-an-integrated-login.html
This allows the Windows username/password to be used to authenticate to an account on the database server. You can also setup a "guest" account for authentication of users who do not have an account mapping on the database server.
The username and password are authenticated against the server you specify. The only caveat is that you don't actually have to type the username/password to login to the database; only the current user logged in on the system is authenticated (and this means the user may also be required to login to the necessary domain rather than a local account to their machine).
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
perhaps I am not understanding the documentation correctly. I have created a new 11 database. I have set the login to integrated and standard. I have set the domain controler for the database. The user has been created in the database with the same id as the user logged onto the domain. The only way I can get the connection to automatically connect is to make sure that the user in the database is set up with the same password as in the domain. If this is the case than every 30 days when my users are required to change their domain password, the password in the database would also have to change to keep them in sync.
Is this correct or am I just missing some part of the picture here ?
You should be able to connect without making the passwords match. Perhaps you could test doing the "Guest" account only to see if the integrated login works. The guest account itself is used if an integrated login does not exist, it allows it to default to "Guest"; considering this, many users will have different passwords so the one stored in the database need not match.
Apart from that, are you still supplying username/password in the connection string and/or are you using the INTEGRATED=YES option?
User | Count |
---|---|
66 | |
11 | |
10 | |
10 | |
9 | |
8 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.