Single Sign-On Legacy Considerations - Call-Level Interface Version 2

Teradata® Call-Level Interface Version 2 Reference for Workstation-Attached Systems

Product
Call-Level Interface Version 2
Release Number
17.00
Published
June 2020
Language
English (United States)
Last Update
2021-04-19
dita:mapPath
xen1544831946512.ditamap
dita:ditavalPath
obe1474387269547.ditaval
dita:id
B035-2418
lifecycle
previous
Product Category
Teradata Tools and Utilities
To provide backward compatibility with pre-TTU 8.0 applications that use SSO, the following items apply:
  • Direct sign-on: If a user does not supply a username and password as part of the Teradata logon string AND no mechanism name is specified through .logmech, the client interface will not use the default mechanism. Rather, it will first determine if the Kerberos mechanism is available and, if so, use it. If not, it will next determine if the NTLM mechanism is available and, if so, use it. If neither NTLM nor Kerberos is available, the logon attempt will fail.

    If .logmech is specified and it turns out to be different from the one automatically determined by the client interface, an error will be returned.

  • Third-party sign-on: If an application uses the programmatic third-party sign-on capability using the DBCAREA extension AND no mechanism name is specified through logmech_name, the client interface will not use the default mechanism. Rather, it will first determine if the Kerberos mechanism is available and, if so, use it. If not, it will next determine if the NTLM mechanism is available and, if so, use it. If neither NTLM nor Kerberos is available, the logon attempt will be failed.

    If .logmech is specified and it turns out to be different from the one automatically determined by the client interface, an error will be returned.