Archives of the TeradataForum
Message Posted: Mon, 20 Sep 2004 @ 11:27:11 GMT
| Subj: | | Re: What is the safe way to delegate a user to only change forgotten users passwords ? |
| |
| From: | | Glen Blood |
We built a stored procedure using dynamic sql to perform this task. The stored procedure database (it is a user, but that sentence didn't make
sense) has drop user on all users (with grant option). The users (mostly help desk personnel) are granted execute procedure on this stored
procedure. The only trick is to remember to log on as the stored procedure database (user) to compile the stored procedure.
We also gave tehm one to unlock the user and included this feature in the change password stored procedure.
We found it very useful to add in logging (we built one logging table and a logging procedure when we first started using stored procedures).
Our help desk personnel would log onto the wrong Teradata box to change passwords and this allowed us to quickly find the problem.
Glen
| 
