TDNEGO is the only negotiating mechanism that Teradata Vantage supports. You can configure TDNEGO to choose from one or more logon authentication mechanisms for client access.
TDGSS also allows you to set a non-negotiated mechanism, which is TD2 by default. The non-negotiated mechanism is tried if protocol negotiations fail. See information about the DefaultMechanism setting in the TdgssUserConfigFile.xml.
If the database server and the client cannot find a common mechanism, the logon request is denied, and the logon fails.
In most cases, negotiations are initiated by the client logon request. If the client does not specify an authentication protocol, TDNEGO uses the default mechanism of the database server.
If you need to modify the TDNEGO configuration, the best practice is to modify the configuration on the database server. If you must modify the TDNEGO configuration on the client, install the Teradata GSS Administrative Package on the client. For more information, see Teradata GSS Administrative Package.