16.20 - GRANT LOGON - Teradata Database - Teradata Vantage NewSQL Engine

Teradata Vantage™ SQL Data Control Language

Teradata Database
Teradata Vantage NewSQL Engine
Release Number
Release Date
March 2019
Content Type
Programming Reference
Publication ID
English (United States)


GRANT LOGON does either of the following:
  • Gives specific users permission to log on to Teradata Database from one or more specific client systems.
  • Changes the current system logon defaults.

Required Privileges

You must have the EXECUTE privilege on the DBC.LogonRule macro to perform GRANT LOGON.


Syntax Elements

a mainframe connection or a workstation network connection that is currently defined to the system by the hardware configuration data. The interface need not be operational.
You can define multiple host IDs per node.
The host ID for the system console is 0. For any other connector, the value for host_id ranges from 1 through 32,767.
any source through which a logon is attempted, including the system console.
that the current default for the specified host_id set is to be changed, without residual conditions, as defined in this GRANT LOGON statement. A statement with AS DEFAULT has no effect on the access granted to or revoked from particular user names.
A statement that sets the default for a specific host_id takes precedence over a statement that sets the default for ALL client systems.
the clause that specifies the recipient of the GRANT results.
one or more user names whose current system logon defaults are to be changed.
  • You cannot specify the name DBC as a user name in a GRANT LOGON statement. A statement that includes this name returns an error message.
  • The product of the number of host IDs times the number of user names cannot exceed 25.
to permit a logon string that has no password to be accepted from the specified client system community.
The initial default is that all logon requests must include a password. The WITH NULL PASSWORD option, in conjunction with a TDP security exit procedure, negates that default.
This option implies that the user has been authenticated externally and not by the database. See Teradata Vantage™ NewSQL Engine Security Administration, B035-1100 for more information.