Manualshelf

Neoview ODBC Drivers Manual (R2.5)

ManualsBrandsHP ManualsSoftwareHP Neoview Release 2.5 Software
31323334353637383940
You can configure the Neoview platform to notify you when your password will soon expire.
You can change your LDAP password, using the NCI ALTER PASSWORD command
described in the Neoview User Management and Security Administration Guide, provided that
the grace count configured on the LDAP server has not been exhausted.
NOTE: The Neoview platform does not provide means for a customer ODBC application to
change the password of an LDAP user. If you attempt to use ODBC connection attributes to
change the password of an LDAP user, the ODBC client reports an error.
Secure Login and Multiple-Role support for Neoview ODBC Drivers
Logging On as a Database User
Prior to logging on to the Neoview database as a database (LDAP) user, specify the connection
attribute SQL_ATTR_ROLENAME to specify the role. This attribute is defined in the file
hpsqlext.h. The value is a string containing any valid Neoview role name, including the prefix
“ROLE.” If you do not specify a role name, your default role applies.
Alternatively, you can specify the role name in the connection string, as the value of the ROLENAME
attribute:
"DSN=QRK0101;UID=REGEAST\USER1;PWD=pass1234;ROLENAME=ROLE.MGR;
CERTIFICATEDIR=C:\Security\MyCertificateDir;CERTIFICATEFILE=SEC01.cer;CERTIFICATEFILE_ACTIVE=SEC01Active.cer"
The maximum length of a role name is 128. However, a Neoview role name currently consists
of the prefix “ROLE.” followed by a maximum of 8 characters, so no valid Neoview role name
will approach 128 characters.
Logging on as a Platform User
To log on as a platform user, specify your platform username, and do not specify a role.
Specify the password in the form:
mypassword/acctpassword
where mypassword is the password associated with your platform username, and
acctpassword is the password associated with the underlying platform user ID. For example,
if you have a personal account as ROLE.SECMGR, not as a database user but as a platform user
(who has access to the platform even when the LDAP server is unavailable), you must enter your
own password, a forward slash, and then the password associated with ROLE.SECMGR.
Server Certificates
In this release of the Neoview security infrastructure, a self-signed server certificate and associated
private key are generated during software upgrade, and the server certificate is automatically
downloaded from the Neoview platform to the client workstation when you first connect to the
platform from that workstation. You can substitute a certificate signed by a Certificate Authority
(CA), if you prefer.
Because the same workstation can connect to multiple Neoview platforms, there may be multiple
certificates stored on the same workstation. At connection time, the client has the option to specify
the location to which the certificate should be downloaded. If you do not specify a location, the
certificate is downloaded to the directory you specified when you installed the driver. If you did
not specify a directory at installation time, the home directory is used by default.
36 HP Neoview ODBC Drivers Overview for UNIX