Click here to view and discuss this page in DocCommentXchange. In the future, you will be sent there automatically.

SQL Anywhere 11.0.1 » SQL Anywhere Server - Database Administration » Starting and Connecting to Your Database » Connection parameters and network protocol options » Connection parameters


Kerberos connection parameter [KRB]

Specifies whether Kerberos authentication can be used when connecting to the database server.


All platforms except Windows Mobile.


YES, NO, SSPI, or GSS-API-library-file




The Kerberos [KRB] connection parameter has the following settings:

  • YES   A Kerberos authenticated login is attempted.

  • NO   No Kerberos authenticated login is attempted. This is the default.

  • SSPI   A Kerberos authenticated login is attempted, and the built-in Windows SSPI interface is used instead of a GSS-API library. SSPI can only be used on Windows platforms, and it cannot be used with a Key Distribution Center (KDC) other than the Domain Controller Active Directory KDC. If your Windows client computer has already logged in to a Windows domain, SSPI can be used without needing to install or configure a Kerberos client.

  • GSS-API-library-file   A Kerberos authenticated login is attempted, and this string specifies the file name of the Kerberos GSS-API library (or shared object on Unix). This is only required if the Kerberos client uses a different file name for the Kerberos GSS-API library than the default, or if there are multiple GSS-API libraries installed on the computer.

The UserID and Password connection parameters are ignored when using a Kerberos authenticated login.

To use Kerberos authentication, a Kerberos client must already be installed and configured (nothing needs to be done for SSPI), the user must have already logged in to Kerberos (have a valid ticket-granting ticket), and the database server must have enabled and configured Kerberos authenticated logins.

See also
Kerberos=c:\Program Files\MIT\Kerberos\bin\gssapi32.dll