LOGMECH and LOGDATA - Basic Teradata Query

Basic Teradata Query Reference

Basic Teradata Query
Release Number
October 2018
English (United States)
Last Update
Product Category
Teradata Tools and Utilities



This control enables users to specify the logon mechanism, such as NTLM, KRB5, LDAP or TD2, which defines the security context under which the established sessions will operate.

If the LOGMECH command is not used, or is used without specifying a logmech_name, the logon will proceed with using the default mechanism name indicated in the TeraGSS XML config file.


This control enables users to specify a character string that is used to supply non-Teradata-managed user credentials to an external authentication mechanism.

If the LOGDATA command is used without a logdata_string, BTEQ resets the mechanism data string to NULL.


Valid values for LOGMECH are a single mechanism name up to eight characters in length and not case-sensitive. The initial value for LOGMECH is eight spaces, which specifies the default mechanism. When the LOGMECH command is used without specifying a value, BTEQ sets LOGMECH to its initial default value.

Syntax for LOGMECH

where the following is true:

Defines the logon mechanism. For a discussion of supported logon mechanisms, see Security Administration (B035-1100).

The name is limited to eight characters; it is not case sensitive.


For LOGDATA, valid values are a single mechanism data value up to 32000 bytes in length. When the LOGDATA command is used without specifying a value, BTEQ sets LOGDATA to its initial default value.

Syntax for LOGDATA

where the following is true:

Indicates the parameters for the logon mechanism (specified using the LOGMECH command). For information about the logon parameters for supported mechanisms, see Security Administration (B035-1100).

Usage Notes

Because the LOGDATA argument is considered sensitive information, BTEQ (in interactive mode) prompts for a value, which is specified in protected mode (keyboard entry is not displayed). The value cannot be supplied as an argument to the LOGDATA command.

The SHOW CONTROLS command does not display the LOGDATA setting.

For network-attached systems, you can use Teradata Wallet in order to keep your Teradata Database passwords private and not be exposed in scripts. For more information about using Teradata Wallet for the username and password entries in the LOGDATA command, see Security Administration (B035-1100).

For more information about using security mechanisms, see Security Administration (B035-1100).


When using the LOGDATA and LOGMECH commands, they must precede the LOGON command. The LOGDATA and LOGMECH commands can occur in either order. The example below is for non-interactive mode use.

The following example demonstrates using the LOGDATA, LOGMECH, and LOGON commands in combination to specify the Windows logon authentication method and associated parameters:

.logmech NTLM;
.logdata joe@domain1@@mypassword;
.logon mydbs;