Creating integrated logins for Windows user groups
In addition to creating integrated logins for individual Windows users, you can create integrated logins for Windows user
When a Windows user logs in, if they do not have an explicit integrated login mapping, but belong to a Windows user group
for which there is an integrated login mapping, the user connects to the database as the database user or group specified
in the Windows user group's integrated login mapping.
Members of multiple groups
If the Windows user belongs to more than one Windows user group, and more than one Windows user group on the computer has
an integrated login mapping in the database, then the integrated login only succeeds if all of the Windows user groups on
the computer have integrated login mappings to the same database user ID. If multiple Windows user groups have integrated
login mappings to different database user IDs, an error is returned and the integrated login fails.
For example, consider a database with two user IDs, dbuserA and dbuserB, and the Windows user windowsuser who belongs to the
Windows user groups xpgroupA and xpgroupB.
|This SQL statement...
||windowsuser to connect to the database using the integrated login mapping set explicitly for windowsuser.
||windowsuser to connect to the database using the integrated login mapping granted to xpgroupA.
||windowsuser to connect to the database because both Windows user groups that windowsuser belongs to have an integrated login
mapping to the same database user.
||No connection to the database. When windowsuser attempts to connect to the database, the integrated login fails because each
Windows user group has an integrated login mapping to a different database user and windowsuser is a member of both Windows
Domain Controller locations
By default, the computer the SQL Anywhere database server is running on is used to verify Windows user group membership. If
the Domain Controller server is a different computer than the one the database server is running on, you can specify the name
of the Domain Controller server using the integrated_server_name option. For example:
See integrated_server_name option [database].