If a directory principal is mapped to a Teradata user object, specify the -u as the name of the database user.
$ tdspolicy -u perm01 –p profile01 –s local –i 184.108.40.206 Querying policy using the following parameters: Teradata user: perm01 Teradata profile: profile01 IP address: 220.127.116.11 Mechanisms: td2, ldap Confidentiality QoPs: high Integrity QoPs: low Options: no-direct-connect
- The directory principal (-u) can use only the TD2 or LDAP mechanism to log on.Profile01, which is mapped to the directory principal, applies only for LDAP logons. Profile-based policy does not apply to TD2 sessions.
- The system automatically uses the high confidentiality QOP (which supersedes the low integrity QOP) for all user message transmissions.
- The directory principal cannot connect directly to the database from the network, but must log on through a Unity tdpid or a mainframe connection.