Database | Proc | Application | Created | Links |
sybsystemprocs | sp_ldapadmin ![]() | ![]() | 31 Aug 14 | Defects Dependencies |
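/*
** file: ldapadmin
** Administer LDAP User Authentication
**
** Note: sp_ldapadmin uses the ssl_admin() built-in function to
** transition into ASE executable from this stored procedure.
**
** amadsen January 2003
**
*/

/*
** Messages for "sp_ldapadmin"
**
** 17260, "Can't run %1! from within a transaction."
** 17431, "true"
** 17432, "false"
** 19022, "The '%1!' parameter must be 'true' or 'false'."
**
*/

/*
** sp_ldapadmin
**
** Purpose:
**      Front end for LDAP user authentication settings. The read-only
**      commands 'list', 'list_urls', 'list_access_acct' and a NULL command
**      are answered here from master.dbo.sysattributes (class 17). Every
**      other recognised command is forwarded to the ssl_admin() built-in.
**      An unrecognised command prints the usage text.
**
** Parameters:
**      @cmd    command name; NULL is handled like 'list'
**      @opt1   first option. Leading and trailing blanks are stripped for
**              the commands that take a keyword or a number; for all other
**              commands the value is forwarded as supplied.
**      @opt2   second option, forwarded unchanged. The usage text shows it
**              as the password for 'set_access_acct' and
**              'set_secondary_access_acct'.
**
** Returns:
**      0       success, including the usage listing
**      1       called inside a transaction, caller lacks sso_role, a
**              {true|false} option failed validation, or the status
**              captured in @retval was non-zero
**
** Security notes:
**      - All work is gated on proc_role("sso_role").
**      - The access account password reaches this procedure as a plain
**        parameter value and is handed to ssl_admin(); nothing in this
**        procedure prints or stores it. NOTE(review): confirm how the
**        server's auditing and SQL text monitoring treat that parameter
**        before relying on those logs being free of credentials.
**      - In the 'list' output, StartTLS is shown as 'FALSE' both when it
**        was switched off and when no row exists for it.
**
** sysattributes rows read (class = 17), as used below:
**      attribute  0  primary URL (comments), primary state (int_value)
**      attribute  1  secondary URL (comments), secondary state (int_value)
**      attribute  2  DN lookup URL
**      attribute  3  access account DN
**      attribute  4  timeout
**      attribute  5  maximum LDAPUA native threads
**      attribute  6  abandon LDAPUA when full
**      attribute  7  secondary DN lookup URL
**      attribute  8  secondary access account DN
**      attribute  9  maximum LDAPUA descriptors
**      attribute 10  log interval
**      attribute 11  number of retries
**      attribute 12  StartTLS on primary
**      attribute 13  StartTLS on secondary
**      attribute 14  failback interval
*/
create procedure sp_ldapadmin
    @cmd    varchar(4096) = null,
    @opt1   varchar(4096) = null,
    @opt2   varchar(4096) = null
as

/*
** Parameters are nominally allowed very large lengths here.
** However, lengths are checked in the builtin function to detect and
** report appropriate errors. Otherwise parameters would be silently
** truncated by this stored procedure.
*/

/* return value from ssl_admin() built-in function */
declare @retval int

/* local variables for URL values and access account DN */
declare @primaryURL         varchar(255)
declare @secondaryURL       varchar(255)
declare @dnlookupURL        varchar(255)
declare @secdnlookupURL     varchar(255)
declare @accessacctDN       varchar(255)
declare @secaccessacctDN    varchar(255)

declare @isLDAPSSupported   int
declare @primaryTLS         int
declare @secondaryTLS       int
declare @primarystate       int
declare @secondarystate     int
declare @primarystatus      varchar(10)
declare @secondarystatus    varchar(10)

declare @timeoutvalue       int
declare @maxldapuantvthrds  int
declare @maxntvthrds        int
declare @dumpthrds          int
declare @true               varchar(10)
declare @false              varchar(10)
declare @abandon            int
/* Maximum LDAPUA descriptors per engine */
declare @maxldapuadesc      int
/*
** Log interval that determines frequency of sending messages to error log.
** Expressed in minutes.
*/
declare @log_interval       int
/* Number of times to retry LDAPUA */
declare @numretries         int
declare @failback_interval  int

declare @valid_opt1         varchar(4096)


/*
** Establish a version to pass to built-in function.
*/
declare @vers int
select @vers = 0
select @timeoutvalue = NULL
select @maxldapuantvthrds = NULL
select @abandon = NULL
select @primarystate = NULL
select @secondarystate = NULL
select @maxldapuadesc = NULL
select @log_interval = NULL
select @numretries = NULL

select @valid_opt1 = @opt1


/*
** If we're in a transaction, disallow this since it might make recovery
** impossible.
*/
if @@trancount > 0
begin
    /*
    ** 17260, "Can't run %1! from within a transaction."
    */
    raiserror 17260, "sp_ldapadmin"
    return (1)
end
else
begin
    set chained off
end
set transaction isolation level 1

/*
** Check if user has sso role. proc_role() will do auditing
** if required and will also print error message if required.
*/
if (proc_role("sso_role") = 0)
    return (1)

select @isLDAPSSupported = ssl_admin("is_ldaps_supported", "", "", @vers)

/*
** Begin command processing.
**
** NULL tests throughout use "is null" / "is not null". The "= NULL" form
** only matches a NULL while the session runs with ansinull off, so the
** defaults printed by 'list' would otherwise depend on a session option.
*/

if (@cmd is null)
   or (@cmd in ("set_primary_url", "set_secondary_url",
                "set_dn_lookup_url", "set_access_acct",
                "set_secondary_dn_lookup_url",
                "suspend", "activate",
                "set_secondary_access_acct",
                "list_access_acct",
                "list_urls", "check_url",
                "check_login",
                "list",
                "set_timeout",
                "set_max_ldapua_native_threads",
                "set_abandon_ldapua_when_full",
                "set_max_ldapua_desc",
                "set_log_interval",
                "set_num_retries",
                "starttls_on_primary",
                "starttls_on_secondary",
                "set_failback_interval",
                "reinit_descriptors"))
begin

    /* Process list, NULL, and list_urls command in sproc instead of builtin */
    if (@cmd is null) or (@cmd in ("list_urls", "list"))
    begin
        select @primaryURL = comments, @primarystate = int_value
        from master.dbo.sysattributes
        where class = 17 and attribute = 0

        select @secondaryURL = comments, @secondarystate = int_value
        from master.dbo.sysattributes
        where class = 17 and attribute = 1

        select @dnlookupURL = comments
        from master.dbo.sysattributes
        where class = 17 and attribute = 2

        select @secdnlookupURL = comments
        from master.dbo.sysattributes
        where class = 17 and attribute = 7

        select @primaryTLS = int_value
        from master.dbo.sysattributes
        where class = 17 and attribute = 12

        select @secondaryTLS = int_value
        from master.dbo.sysattributes
        where class = 17 and attribute = 13

        if (@cmd = "list_urls")
        begin
            print "Primary URL: '%1!'", @primaryURL
            print "Secondary URL: '%1!'", @secondaryURL
            print "Distinguished Name Lookup URL: '%1!'", @dnlookupURL
            print "Secondary Distinguished Name Lookup URL: '%1!'", @secdnlookupURL
            return (0)
        end
        /* End Processing of list_urls , quit */

        /*
        ** Process 'list' and 'NULL' commands. Both commands produce
        ** the same output. Only the access account DNs are read here;
        ** no password is selected or printed.
        */
        select @accessacctDN = comments
        from master.dbo.sysattributes
        where class = 17 and attribute = 3

        select @timeoutvalue = int_value
        from master.dbo.sysattributes
        where class = 17 and attribute = 4

        select @maxldapuantvthrds = int_value
        from master.dbo.sysattributes
        where class = 17 and attribute = 5

        select @abandon = int_value
        from master.dbo.sysattributes
        where class = 17 and attribute = 6

        select @secaccessacctDN = comments
        from master.dbo.sysattributes
        where class = 17 and attribute = 8

        select @maxldapuadesc = int_value
        from master.dbo.sysattributes
        where class = 17 and attribute = 9

        select @log_interval = int_value
        from master.dbo.sysattributes
        where class = 17 and attribute = 10

        select @numretries = int_value
        from master.dbo.sysattributes
        where class = 17 and attribute = 11

        select @failback_interval = int_value
        from master.dbo.sysattributes
        where class = 17 and attribute = 14


        /******* Start LDAP URL and state information *********/

        select @primarystatus =
            case @primarystate
                when 1 then "RESET"
                when 2 then "READY"
                when 3 then "ACTIVE"
                when 4 then "FAILED"
                when 5 then "SUSPENDED"
                else "NOT SET"
            end

        /* A URL with no recorded state is reported as READY. */
        if (@primaryURL is not null and @primarystate is null)
            select @primarystatus = "READY"

        select @secondarystatus =
            case @secondarystate
                when 1 then "RESET"
                when 2 then "READY"
                when 3 then "ACTIVE"
                when 4 then "FAILED"
                when 5 then "SUSPENDED"
                else "NOT SET"
            end

        if (@secondaryURL is not null and @secondarystate is null)
            select @secondarystatus = "READY"


        print "Primary:"
        print " URL: '%1!'", @primaryURL
        print " DN Lookup URL: '%1!'", @dnlookupURL
        print " Access Account: '%1!'", @accessacctDN
        if (@primarystate = 2 or @primarystate = 3)
            print " Active: 'TRUE'"
        else
            print " Active: 'FALSE'"
        print " Status: '%1!'", @primarystatus
        /* StartTLS lines appear only when the built-in reports LDAPS support. */
        if (@isLDAPSSupported = 1)
        begin
            /* Anything other than 1, including a missing row, prints FALSE. */
            if (@primaryTLS = 1)
                print " StartTLS on Primary LDAP URL: 'TRUE'"
            else
                print " StartTLS on Primary LDAP URL: 'FALSE'"
        end
        print "Secondary:"
        print " URL: '%1!'", @secondaryURL
        print " DN Lookup URL: '%1!'", @secdnlookupURL
        print " Access Account: '%1!'", @secaccessacctDN
        if (@secondarystate = 2 or @secondarystate = 3)
            print " Active: 'TRUE'"
        else
            print " Active: 'FALSE'"
        print " Status: '%1!'", @secondarystatus
        if (@isLDAPSSupported = 1)
        begin
            if (@secondaryTLS = 1)
                print " StartTLS on Secondary LDAP URL: 'TRUE'"
            else
                print " StartTLS on Secondary LDAP URL: 'FALSE'"
        end

        /******* End LDAP URL state information *********/



        /* Now print timeout and LDAPUA native thread information */

        /*
        ** NOTE(review): @@error reflects only the statement just before it,
        ** so this does not capture a failure of the earlier selects.
        */
        select @retval = @@error


        if (@timeoutvalue is null)
        begin
            /* Default value */
            select @timeoutvalue = -1
        end

        if (@failback_interval is null)
        begin
            /* Use default failback time if nothing is set */
            select @failback_interval = -1
        end


        /*
        ** If there is no row for timeout in sysattributes then
        ** the default -1(10000) milliseconds value is listed.
        ** When the default timeout value is changed, this
        ** listing also needs to be changed.
        */
        if (@timeoutvalue = -1)
            print "Timeout value: '%1!'(10000) milliseconds",
                @timeoutvalue
        else
            print "Timeout value: '%1!' milliseconds",
                @timeoutvalue

        if (@log_interval is null)
        begin
            select @log_interval = 3
        end
        print "Log interval: '%1!' minutes",
            @log_interval

        if (@numretries is null)
        begin
            select @numretries = 3
        end
        print "Number of retries: '%1!'",
            @numretries

        /* display default value when row not found.*/
        if (@maxldapuantvthrds is null)
        begin
            /*
            ** Default value: computed here as 'max native threads per
            ** engine' minus 'number of dump threads'.
            ** NOTE(review): the earlier comment described this default as
            ** the sum of the two values, but the expression subtracts;
            ** confirm against the product documentation.
            */
            select @maxntvthrds = value
            from master.dbo.sysconfigures
            where name = 'max native threads per engine'

            select @dumpthrds = value
            from master.dbo.sysconfigures
            where name = 'number of dump threads'

            select @maxldapuantvthrds = @maxntvthrds - @dumpthrds
        end
        print "Maximum LDAPUA native threads per Engine: '%1!'",
            @maxldapuantvthrds

        if (@maxldapuadesc is null)
        begin
            select @maxldapuadesc = 20
        end
        print "Maximum LDAPUA descriptors per Engine: '%1!'",
            @maxldapuadesc

        /* display default value when row not found.*/
        if (@abandon is null)
        begin
            select @abandon = 0
        end
        if (@abandon = 1)
        begin
            /* 17431, "true" */
            exec sp_getmessage 17431, @true out
            print "Abandon LDAP user authentication when full: '%1!'", @true
        end
        else
        begin
            /* 17432, "false" (kept in @false so the variable name matches its content) */
            exec sp_getmessage 17432, @false out
            print "Abandon LDAP user authentication when full: '%1!'", @false
        end

        if (@failback_interval = -1)
            print "Failback interval: '%1!'(15) minutes", @failback_interval
        else
        begin
            if (@failback_interval = 0)
                print "Failback interval: '%1!'(infinite) minutes", @failback_interval
            else
                print "Failback interval: '%1!' minutes", @failback_interval
        end
    end
    else
    begin
        if (@cmd = "list_access_acct")
        begin
            /* Distinguished names only; no password is read here. */
            select @accessacctDN = comments
            from master.dbo.sysattributes
            where class = 17 and attribute = 3

            select @secaccessacctDN = comments
            from master.dbo.sysattributes
            where class = 17 and attribute = 8

            select @retval = @@error

            print "Access Account DN: '%1!'", @accessacctDN
            print "Secondary Access Account DN: '%1!'", @secaccessacctDN

        end
        else
        begin
            /*
            ** Strip surrounding blanks from option 1 for commands whose
            ** option is a keyword or a number. URL, DN and login options
            ** are passed through as supplied.
            */
            if (@cmd in ("suspend", "activate",
                         "set_timeout",
                         "set_max_ldapua_native_threads",
                         "set_abandon_ldapua_when_full",
                         "set_max_ldapua_desc",
                         "set_log_interval",
                         "set_num_retries",
                         "starttls_on_primary",
                         "starttls_on_secondary",
                         "set_failback_interval"))
            begin
                select @valid_opt1 = rtrim(ltrim(@opt1))
            end

            /* validate {true|false} valid_opt1 */
            if (@cmd in ("set_abandon_ldapua_when_full",
                         "starttls_on_primary",
                         "starttls_on_secondary"))
            begin
                /* 17431, "true" */
                exec sp_getmessage 17431, @true out

                /* 17432, "false" */
                exec sp_getmessage 17432, @false out

                /*
                ** Accept the literal words and the message-catalog words.
                ** A NULL option is not rejected here; it goes to the
                ** built-in as is.
                */
                if ((@valid_opt1 is not null)
                    and ((lower(@valid_opt1) not in ("true", @true))
                    and (lower(@valid_opt1) not in ("false", @false))))
                begin
                    /*
                    ** 19022,
                    ** "The '%1!' parameter must be 'true' or 'false'."
                    */
                    raiserror 19022, @valid_opt1
                    return 1
                end
            end

            /*
            ** command actions handled in builtin. @opt2 is forwarded
            ** untouched; for the access account commands it is the
            ** password shown in the usage text.
            */
            select @retval = ssl_admin(@cmd, @valid_opt1, @opt2, @vers)
        end
    end

    if (@retval != 0)
    begin
        return (1)
    end
end
else
begin

    print "sp_ldapadmin Usage: sp_ldapadmin command [, option1 [, option2]]"
    print "sp_ldapadmin commands:"
    print "sp_ldapadmin 'set_primary_url', 'url'"
    print "sp_ldapadmin 'set_secondary_url', 'url'"
    print "sp_ldapadmin 'set_dn_lookup_url', 'url'"
    print "sp_ldapadmin 'set_secondary_dn_lookup_url', 'url'"
    print "sp_ldapadmin 'set_access_acct', 'distinguished name', 'password'"
    print "sp_ldapadmin 'set_secondary_access_acct', 'distinguished name', 'password'"
    print "sp_ldapadmin 'suspend', {'primary' | 'secondary'}"
    print "sp_ldapadmin 'activate', {'primary' | 'secondary'}"
    print "sp_ldapadmin 'list'"
    print "sp_ldapadmin 'list_urls'"
    print "sp_ldapadmin 'list_access_acct'"
    print "sp_ldapadmin 'check_url', 'url'"
    print "sp_ldapadmin 'check_login', 'name'"
    print "sp_ldapadmin 'set_timeout', timeout_in_milli_seconds"
    print "sp_ldapadmin 'set_log_interval', log_interval in minutes"
    print "sp_ldapadmin 'set_num_retries', num_retries"
    print "sp_ldapadmin 'set_max_ldapua_native_threads', max_ldapua_native_threads"
    print "sp_ldapadmin 'set_max_ldapua_desc', max_ldapua_desc"
    print "sp_ldapadmin 'set_abandon_ldapua_when_full', {true|false}"
    if (@isLDAPSSupported = 1)
    begin
        print "sp_ldapadmin 'starttls_on_primary', {true|false}"
        print "sp_ldapadmin 'starttls_on_secondary', {true|false}"
    end
    print "sp_ldapadmin 'set_failback_interval', time_in_minutes"
    print "sp_ldapadmin 'reinit_descriptors'"
    print "sp_ldapadmin 'help'"

end



return (0)
go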
/*
** Register sp_ldapadmin with transaction mode 'AnyMode'.
*/
execute sp_procxmode 'sp_ldapadmin', 'AnyMode'
go

/*
** Execute permission is granted to sso_role only. The procedure body
** checks proc_role("sso_role") as well, so access is gated twice.
*/
grant execute on sp_ldapadmin to sso_role
go
DEFECTS | |
![]() | 115 |
![]() | master..sysattributes |
![]() | master..sysconfigures |
![]() | 147 |
![]() | 151 |
![]() | 154 |
![]() | 157 |
![]() | 160 |
![]() | 163 |
![]() | 180 |
![]() | 184 |
![]() | 188 |
![]() | 192 |
![]() | 196 |
![]() | 200 |
![]() | 204 |
![]() | 208 |
![]() | 212 |
![]() | 386 |
![]() | 390 |
![]() | |
![]() | |
![]() | 227 |
![]() | 240 |
![]() | 286 |
![]() | 292 |
![]() | 312 |
![]() | 319 |
![]() | 327 |
![]() | 346 |
![]() | 354 |
![]() | 423 |
![]() | 361 |
![]() | 366 |
![]() | 419 |
![]() | 422 |
![]() | 100 |
![]() | 112 |
![]() | 113 |
![]() | 165 |
![]() | 171 |
![]() | 227 |
![]() | 240 |
![]() | 248 |
![]() | 253 |
![]() | 255 |
![]() | 264 |
![]() | 269 |
![]() | 271 |
![]() | 286 |
![]() | 292 |
![]() | 305 |
![]() | 312 |
![]() | 319 |
![]() | 327 |
![]() | 346 |
![]() | 354 |
![]() | 358 |
![]() | 370 |
![]() | 374 |
![]() | 382 |
![]() | 423 |
![]() | 440 |
![]() | 442 |
![]() | 469 |
![]() | 482 |
![]() | 145 |
![]() | 149 |
![]() | 153 |
![]() | 156 |
![]() | 159 |
![]() | 162 |
![]() | 178 |
![]() | 182 |
![]() | 186 |
![]() | 190 |
![]() | 194 |
![]() | 198 |
![]() | 202 |
![]() | 206 |
![]() | 210 |
![]() | 334 |
![]() | 337 |
![]() | 384 |
![]() | 388 |
![]() | 106 |
![]() (class, attribute, object_type, object, object_info1, object_info2, object_info3, object_cinfo) Intersection: {class, attribute} | 147 |
![]() (class, attribute, object_type, object, object_info1, object_info2, object_info3, object_cinfo) Intersection: {class, attribute} | 151 |
![]() (class, attribute, object_type, object, object_info1, object_info2, object_info3, object_cinfo) Intersection: {class, attribute} | 154 |
![]() (class, attribute, object_type, object, object_info1, object_info2, object_info3, object_cinfo) Intersection: {class, attribute} | 157 |
![]() (class, attribute, object_type, object, object_info1, object_info2, object_info3, object_cinfo) Intersection: {class, attribute} | 160 |
![]() (class, attribute, object_type, object, object_info1, object_info2, object_info3, object_cinfo) Intersection: {class, attribute} | 163 |
![]() (class, attribute, object_type, object, object_info1, object_info2, object_info3, object_cinfo) Intersection: {class, attribute} | 180 |
![]() (class, attribute, object_type, object, object_info1, object_info2, object_info3, object_cinfo) Intersection: {class, attribute} | 184 |
![]() (class, attribute, object_type, object, object_info1, object_info2, object_info3, object_cinfo) Intersection: {class, attribute} | 188 |
![]() (class, attribute, object_type, object, object_info1, object_info2, object_info3, object_cinfo) Intersection: {class, attribute} | 192 |
![]() (class, attribute, object_type, object, object_info1, object_info2, object_info3, object_cinfo) Intersection: {class, attribute} | 196 |
![]() (class, attribute, object_type, object, object_info1, object_info2, object_info3, object_cinfo) Intersection: {class, attribute} | 200 |
![]() (class, attribute, object_type, object, object_info1, object_info2, object_info3, object_cinfo) Intersection: {class, attribute} | 204 |
![]() (class, attribute, object_type, object, object_info1, object_info2, object_info3, object_cinfo) Intersection: {class, attribute} | 208 |
![]() (class, attribute, object_type, object, object_info1, object_info2, object_info3, object_cinfo) Intersection: {class, attribute} | 212 |
![]() (name, parent, config) Intersection: {name} | 336 |
![]() (name, parent, config) Intersection: {name} | 339 |
![]() (class, attribute, object_type, object, object_info1, object_info2, object_info3, object_cinfo) Intersection: {class, attribute} | 386 |
![]() (class, attribute, object_type, object, object_info1, object_info2, object_info3, object_cinfo) Intersection: {class, attribute} | 390 |
![]() | 20 |
![]() | 20 |
![]() | 20 |
DEPENDENCIES |
PROCS AND TABLES USED calls proc sybsystemprocs..sp_getmessage ![]() reads table sybsystemprocs..sysusermessages ![]() reads table master..sysmessages (1) ![]() reads table master..syslanguages (1) ![]() calls proc sybsystemprocs..sp_validlang ![]() reads table master..syslanguages (1) ![]() reads table master..sysattributes (1) ![]() reads table master..sysconfigures (1) ![]() |