tdspolicy for a Directory Principal not Mapped to a Teradata User - Analytics Database

tdspolicy for a Directory Principal not Mapped to a Teradata User - Analytics Database - Teradata Vantage

Security Administration

Deployment

VantageCloud

VantageCore

Edition

Enterprise

IntelliFlex

VMware

Product

Analytics Database

Teradata Vantage

Release Number

17.20

Published

June 2022

ft:locale

en-US

ft:lastEdition

2024-04-05

dita:mapPath

hjo1628096075471.ditamap

dita:ditavalPath

qkf1628213546010.ditaval

dita:id

zuy1472246340572

lifecycle

latest

Product Category

Teradata Vantage™

For directory principals not mapped to a Teradata user, specify -u as the directory principal user name, along with the IP address and any mapped profile.

$ tdspolicy -u uid=drct01,ou=principals,dc=domain1,dc=com –p profile01
 –s  local_service_DN  –i 192.0.2.209
Querying policy using the following parameters:

        External user: uid=drct01,ou=principals,dc=domain1,dc=com
    Teradata profile: profile01
          IP address: v9

          Mechanisms: krb5, ldap
Confidentiality QoPs: low, high

where the directory principal specified by -u:

Can use only the KRB5, SPNEGO, or LDAP mechanism to log on.
Must use confidentiality with high QOP for LDAP logons. Confidentiality is also enforced for KRB5 and SPNEGO logons, but the QOP strength is determined by Kerberos.