ALTER USER

Use the ALTER USER command to change the settings, such as the password, for the specified user. You can change more than one setting in a single ALTER USER command.

Syntax

ALTER USER 'user_name'
 SET PASSWORD 'password' [ AUTHORIZE PASSWORD 'old_password' ] [ ENCRYPTED ]
 SET FULL NAME 'full_user_name'
 SET ENABLED { TRUE | FALSE }
 SET PAM { TRUE | FALSE }
 ASSIGN [ RESTRICTION ] FILTER restriction_filter_name
 REMOVE [ RESTRICTION ] FILTER restriction_filter_name ;

The user_name is a text string containing the unique user name for the user being modified. This name cannot be changed.

Use the PASSWORD setting to change the password for the specified user. Note that you cannot change the password of a user that is externally authenticated in an LDAP system. You can change the password of a user that is externally authenticated in a PAM system only if the external PAM system has been configured to allow this. If allowed to change the password of a PAM-authenticated user, you must also use the AUTHORIZE PASSWORD keywords to specify the old password.

Use the ENABLED setting to activate (TRUE) or deactivate (FALSE) the specified user. An activated user has login access to the system.

Set PAM to TRUE to enable the user to be externally authenticated. The Sec.ExternalAuthentication ObjectServer property must also be set to either PAM or LDAP, as appropriate for your authentication system. If PAM is set to FALSE or Sec.ExternalAuthentication is set to none, the user cannot be authenticated externally. If you want to perform ObjectServer authentication, set PAM to FALSE.

Use the ASSIGN or REMOVE RESTRICTION FILTER settings to assign or remove the restriction filters that apply to the user. Only one restriction filter per table can be assigned to a user.

Example

alter user 'joe' set password 'topsecret';