16.10 - Testing XML-Based IP Restrictions - Teradata Database

Teradata Database Security Administration

prodname
Teradata Database
vrm_release
16.10
created_date
June 2017
category
Administration
Security
featnum
B035-1100-161K
  1. From the command prompt in the /site directory, run the tdsbind utility to determine if the restrictions contained in the GDO affect users as expected. Test several users with different IP addresses; test users who should, and users who should not, be restricted from logging on.
    The tdsbind utility is available in the tdgss/bin directory.
    $ tdsbind -U  username  -I  IP_address

    where:

    The Tdsbind option Specifies...
    -U username a Teradata Database username that tdsbind tests in combination with the specified IP address to determine if any restrictions apply.
    -I IP_address an IP address from which the username can log on, for example, 141.206.35.87.

    The tdsbind utility returns output similar to:

    Logon by user  username  from IP IP_address is [not allowed] [allowed]
  2. Based on the testing results:

    If the restrictions do not function as needed, you can do one or both of the following:

    If the restrictions pass the testing without problems, the IP XML restrictions are complete.