Single Sign-On Legacy Considerations - Call-Level Interface Version 2

Teradata Call-Level Interface Version 2 Reference for Workstation-Attached Systems

Product
Call-Level Interface Version 2
Release Number
16.10
Published
May 2017
Language
English (United States)
Last Update
2018-05-01
dita:mapPath
ggf1488824663364.ditamap
dita:ditavalPath
Audience_PDF_include.ditaval
dita:id
B035-2418
lifecycle
previous
Product Category
Teradata Tools and Utilities
To provide backward compatibility with pre-TTU 8.0 applications that use SSO, the following items apply:
  • Direct sign-on: If a user does not supply a username and password as part of the Teradata logon string AND no mechanism name is specified through .logmech, the client interface will not use the default mechanism. Rather, it will first determine if the Kerberos mechanism is available and, if so, use it. If not, it will next determine if the NTLM mechanism is available and, if so, use it. If neither NTLM nor Kerberos is available, the logon attempt will fail.

    If .logmech is specified and it turns out to be different from the one automatically determined by the client interface, an error will be returned.

  • Third-party sign-on: If an application uses the programmatic third-party sign-on capability using the DBCAREA extension AND no mechanism name is specified through logmech_name, the client interface will not use the default mechanism. Rather, it will first determine if the Kerberos mechanism is available and, if so, use it. If not, it will next determine if the NTLM mechanism is available and, if so, use it. If neither NTLM nor Kerberos is available, the logon attempt will be failed.

    If .logmech is specified and it turns out to be different from the one automatically determined by the client interface, an error will be returned.