Creating integrated logins for Windows user groups
When a Windows user logs in, if they do not have an explicit integrated login mapping, but belong to a Windows user group
for which there is an integrated login mapping, the user connects to the database as the database user or group specified
in the Windows user group's integrated login mapping.
Members of multiple groups
If the Windows user belongs to more than one Windows user group, and more than one Windows user group on the computer has
an integrated login mapping in the database, then the integrated login only succeeds if all the Windows user groups on the
computer have integrated login mappings to the same database user ID. If multiple Windows user groups have integrated login
mappings to different database user IDs, an error is returned and the integrated login fails.
For example, consider a database with two user IDs, dbuserA and dbuserB, and the Windows user windowsuser who belongs to the
Windows user groups xpgroupA and xpgroupB.
|This SQL statement...
||windowsuser to connect to the database using the integrated login mapping set explicitly for windowsuser.
||windowsuser to connect to the database using the integrated login mapping granted to xpgroupA.
||windowsuser to connect to the database because both Windows user groups that windowsuser belongs to have an integrated login
mapping to the same database user.
||No connection to the database. When windowsuser attempts to connect to the database, the integrated login fails because each
Windows user group has an integrated login mapping to a different database user and windowsuser is a member of both Windows
Domain Controller locations
By default, the computer on which the SQL Anywhere database server is running is used to verify Windows user group membership.
If the Domain Controller server is on a different computer than the database server, you can specify the name of the Domain
Controller server using the integrated_server_name option. For example:
See integrated_server_name option [database].