SAP IQ 15 and above allows users to change their password using “NEWPWD”  dbisql connection string parameter

1. Create user

   (DBA)> create user myuser identified by sql

2. login to SAP IQ server as myuser

$ dbisql -c “uid=myuser;pwd=sql;eng=iqmpx1010c” -nogui

(myuser)> quit

3. Change myuser password  using  “NEWPWD” connection string parameter

$ dbisql -c “uid=myuser;pwd=sql;NEWPWD=newpass;eng=iqmpx1010c” -nogui

(myuser)> quit

4.  Connect to SAP IQ server as myuser to confirm that changed password is working

   

$ dbisql -c “uid=myuser;pwd=newpass;eng=iqmpx1010c” -nogui

(myuser)> exit

“NEWPWD” connection string can also be used to change expired password without DBA intervention

1. create user with login policy root and the password expires on next login

(DBA)>  create  user myuser identified by sql login policy root force password change on

Execution time: 0.083 seconds

2. User can change his password using “NEWPWD” connection string parameter

$ dbisql -c “uid=myuser;pwd=sql;NEWPWD=newpass;eng=iqmpx1010c” -nogui

(myuser)> quit

3. Confirm user can login using changed password.

]$ dbisql -c “uid=myuser;pwd=newpass;eng=iqmpx1010c” -nogui

(myuser)> quit

To report this post you need to login first.

2 Comments

You must be Logged on to comment or reply to a post.

  1. Volker Stöffler

    Good hint!

    I’d like to add that this also works for SQL Anywhere recent versions (12+).

    I’d also expect the connection property approach to work for connections using the ODBC driver and the JNI JDBC driver (named iAnywhere or SQL Anywhere JDBC driver).

    I wonder (and can’t currently confirm) if it also works for jConnect connections. According to the manuals, there is a property NEWPASSWORD, but since jConnect is mostly influenced by ASE capabilities, I don’t know if it matches the SQL Anywhere / IQ feature.

    And finally: For expired passwords, this method of changing is strictly required (if a user wants to change the expired password her- or himself). Passwords which are still active  can be changed simply by supplying the ALTER USER or GRANT CONNECT statement to the dbisql call in batch mode.

    (0) 
  2. Kirby Gehman

    Something to watch out for:

    If you use this method, anyone with access to “ps -ef” can see the connection string and therefore your new password while the dbisql session is open.

    (0) 

Leave a Reply