When a user logs on to Teradata Vantage, TDGSS checks the <LdapConfig> section of the TdgssUserConfigFile.xml for <Policy> elements. A <Policy> element found in the <LdapConfig> directs TDGSS to a directory object that is the parent of a security policy configuration. TDGSS enforces any applicable policies that it finds in the directory.
- The applicable policy derives from setting the RequireConfidentiality flag to yes. See Requiring Confidentiality.
- The --secpcynotsupported logon flag is set. See Configuring the Gateway to Allow Logons from Older Interfaces or Proxies.
- In the absence of an applicable QOP or option policy, a request for confidentiality or integrity on the client uses the DEFAULT QOP.
- If multiple QOP policies apply to the session, the strongest QOP takes precedence.