Using tdgssauth to Determine tdspolicy Search Parameters - Advanced SQL Engine

Using tdgssauth to Determine tdspolicy Search Parameters - Advanced SQL Engine - Teradata Database

Security Administration

Product

Advanced SQL Engine

Teradata Database

Release Number

17.10

Published

July 2021

Language

English (United States)

Last Update

2022-02-15

dita:mapPath

ppz1593203596223.ditamap

dita:ditavalPath

wrg1590696035526.ditaval

dita:id

B035-1100

lifecycle

Product Category

Teradata Vantage™

Before using tdspolicy to investigate the security policy applicable to a user defined in the directory, you can run tdgssauth to determine parameters that may be required to run tdspolicy.

$ tdgssauth -m ldap -u diperm01 -i 141.206.3.15
TDGSS_BIN_FILE not set.
TDGSSCONFIG GDO used in tdgss.
Please enter a password: 
                        Status: authenticated, not authorized
                 Database user: perm01 [permanent user]
                       Profile: profile01
                External roles: extrole01perm01, extrole02perm01, extrole03perm01
            Authenticated user: ldap://esroot.example.com:389/CN=diperm01,OU=people,OU=testing,DC=example,DC=com
        Audit trail identifier: diperm01
        Authenticating service: esroot1
     Actual mechanism employed: ldap [OID 1.3.6.1.4.1.191.1.1012.1.20]
       Mechanism specific data: diperm01

 Security context capabilities: replay detection
                                out of sequence detection
                                confidentiality
                                integrity
                                protection ready
                                exportable security context

 Minimum quality of protection: high with confidentiality and integrity
                       Options: none

$