17.20 - tdspolicy for a Directory Principal not Mapped to a Teradata User - Analytics Database - Teradata Vantage

Teradata Vantage™ - Analytics Database Security Administration - 17.20

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2023-03-07
dita:mapPath
hjo1628096075471.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
zuy1472246340572

For directory principals not mapped to a Teradata user, specify -u as the directory principal user name, along with the IP address and any mapped profile.

$ tdspolicy -u uid=drct01,ou=principals,dc=domain1,dc=com –p profile01
 –s  local_service_DN  –i 192.0.2.209
Querying policy using the following parameters:

        External user: uid=drct01,ou=principals,dc=domain1,dc=com
    Teradata profile: profile01
          IP address: v9

          Mechanisms: krb5, ldap
Confidentiality QoPs: low, high
where the directory principal specified by -u:
  • Can use only the KRB5, SPNEGO, or LDAP mechanism to log on.
  • Must use confidentiality with high QOP for LDAP logons. Confidentiality is also enforced for KRB5 and SPNEGO logons, but the QOP strength is determined by Kerberos.