Users who log on with the TD2 mechanism are not subject to local policy because they are not authenticated or authorized in the directory. When you specify a Vantage username for -u, TDGSS looks in the TdgssUserConfigFile.xml to see if a global policy applies to the user.
Profile-based policies do not apply to users authenticated by TD2.
$ tdspolicy -u td2user –i 192.0.2.203 Querying policy using the following parameters: Teradata user: td2user IP address: 192.0.2.203 Mechanisms: td2 Confidentiality QoPs: default
where the Vantage user specified by -u:
- Can use only the TD2 mechanism to log on.
- Confidentiality is required, but because a TD2 user is not authenticated or authorized in the directory, QOP strength defaults to the DEFAULT QOP.