Archives of the TeradataForum
Message Posted: Wed, 21 Feb 2001 @ 10:04:24 GMT
If you can't get the SECLOGON feature to work, try using the 'old' method - TDPLGUX. This is an exit point called by TDP during the logon process. From here you can set the relevant flag which tells the DBMS that TDP has 'validated' the logon. In this situation, the DBMS will accept a logon string with no password and allow the logon to proceed. This is known as the NULL PASSWORD feature and is documented in the Security Admin and TDP Reference manuals.
On a simple level, your TDPLGUX exit can contain a hard-coded list of userid's which are allowed to logon without supplying a password. These userid's also have to be defined to the Teradata DBMS as being allowed to logon from the mainframe without a password. Note that the NULL PASSWORD feature is specific to a userid/host number combination, so your userid's may still require passwords when logging on from the network. Once you've set the NULL PASSWORD feature on for a particular user/host combination, that user is no longer subject to password ageing when logging on from that host, so no more expired passwords, no more keeping mainframe and Teradata passwords in sync, no more storing passwords in mainframe pds members.
Using this method, your security rules are coded in a program that you write (TDPLGUX) which means that you can make them as simple or as complex as you like. You can even get the exit to issue SAF calls to ACF2 to read the required rules from there !
|Copyright 2016 - All Rights Reserved|
|Last Modified: 28 Jun 2020|