Users who log on with the TD2 mechanism are not subject to local policy because they are not authenticated or authorized in the directory. When you specify a Vantage username for -u, TDGSS looks in the TdgssUserConfigFile.xml to see if a global policy applies to the user.
$ tdspolicy -u td2user –i 188.8.131.52 Querying policy using the following parameters: Teradata user: td2user IP address: 184.108.40.206 Mechanisms: td2 Confidentiality QoPs: default
where the Vantage user specified by -u:
- Can use only the TD2 mechanism to log on.
- Confidentiality is required, but because a TD2 user is not authenticated or authorized in the directory, QOP strength defaults to the DEFAULT QOP.