16.10 - System Processing of Global and Local Policies - Teradata Database

Teradata Database Security Administration

prodname
Teradata Database
vrm_release
16.10
created_date
June 2017
category
Administration
Security
featnum
B035-1100-161K

TDGSS follows certain rules when determining security policy for a session. When a user logs on to Teradata Database:

  1. If the authentication mechanism is TD2, TDGSS first looks for a global policy and enforces any policies that apply to the user. Local policies do not apply to TD2 users.
  2. If the authentication mechanism is not TD2, TDGSS searches each <service> element for a <policy> element (local policy).
    1. If TDGSS finds a local policy that applies to the user, it enforces the policy.
    2. If TDGSS does not find a local policy structure in the authenticating service, it searches for a global policy and enforces any global policy that applies to the user.
  3. If the TdgssUserConfigFile.xml contains neither a local nor a global policy, the policy enforcement feature is disabled regardless of what may be configured in the directory.