16.10 - Using Logon Error Handling Options - Teradata Database

Teradata Database Security Administration

Product
Teradata Database
Release Number
16.10
Release Date
June 2017
Content Type
Administration
Security
Publication ID
B035-1100-161K
Language
English (United States)

You can use the Gateway Control utility -n option to determine whether users receive specific information about logon errors.

When the value is set to:

  • no (the default), all logon errors return the default message:
    The User Id, Password, or Account is invalid
  • yes, logon errors return a message that describes the specific error encountered, for example:
    Invalid user password

Teradata recommends the default setting (no), instead of enabling failure-specific messages (the yes setting), to prevent unauthorized users from getting hints about a failed attempt to break-in to the system.

To aid administrators in debugging logon failures, the Gateway writes failure-specific error messages to the system log /var/log/messages, regardless of how the -n option is set.

All TDGSS-related errors also appear in the gateway log: /var/opt/teradata/tdtemp/gtw