16.10 - System Processing of Global and Local Policies - Teradata Database

Teradata Database Security Administration

Product
Teradata Database
Release Number
16.10
Release Date
June 2017
Content Type
Administration
Security
Publication ID
B035-1100-161K
Language
English (United States)

TDGSS follows certain rules when determining security policy for a session. When a user logs on to Teradata Database:

  1. If the authentication mechanism is TD2, TDGSS first looks for a global policy and enforces any policies that apply to the user. Local policies do not apply to TD2 users.
  2. If the authentication mechanism is not TD2, TDGSS searches each <service> element for a <policy> element (local policy).
    1. If TDGSS finds a local policy that applies to the user, it enforces the policy.
    2. If TDGSS does not find a local policy structure in the authenticating service, it searches for a global policy and enforces any global policy that applies to the user.
  3. If the TdgssUserConfigFile.xml contains neither a local nor a global policy, the policy enforcement feature is disabled regardless of what may be configured in the directory.