If a directory principal is mapped to a Teradata user object, specify the -u as the name of the database user.
$ tdspolicy -u perm01 –p profile01 –s local –i 192.0.2.205 Querying policy using the following parameters: Teradata user: perm01 Teradata profile: profile01 IP address: 192.0.2.205 Mechanisms: td2, ldap Confidentiality QoPs: high Integrity QoPs: low Options: no-direct-connect
where:
- The directory principal (-u) can use only the TD2 or LDAP mechanism to log on.Profile01, which is mapped to the directory principal, applies only for LDAP logons. Profile-based policy does not apply to TD2 sessions.
- The system automatically uses the high confidentiality QOP (which supersedes the low integrity QOP) for all user message transmissions.
- The directory principal cannot connect directly to the database from the network, but must log on through a mainframe connection.