Archives of the TeradataForum

Message Posted: Wed, 29 Dec 2004 @ 22:25:21 GMT

	<Prev	Next>		<<First	<Prev	Next>	Last>>

<-- Anonymously Posted: Wednesday, December 29, 2004 16:29 -->

I recently updated our development ETL application server (i.e. TTU, BTEQ, Fastload, Multiload,etc) with the ability to connect to both Production and Development. Default TDP name points to development and to point to production the developers would need to enter the production TDP name. The advice of the ETL development group was not to do this. I thought the exposure to accidentally writing to the wrong system was low.. Well, I was wrong. Most of the ETL scripts use a common logon routine. So a developer doing a trial extract of data from production, changed the common logon routine to point to production and started his extract program. At the same time another developer started testing his update program and unknowing to the developer he was updating a production table. We are now currently correcting the production table.

We are looking at our options to prevent this which includes: removing ability to connect to production from development, allowing only read access to common logon routine, educating ETL developers, etc.

I would like to be able to keep the ability to connect to production from the development ETL server. We are currently on V2R5.1 and are now implementing Roles and Profiles.

My questions is does Teradata support the concept of a "trusted connection". (In PMON - under the Logon Source field it shows where the connection originated). When an ID logs on from a trusted connection - it can do updates, inserts, deletes, selects, etc. When the same ID logs on from an un-trusted connection - it can only do select.

Any other comments on how other companies manage this will be helpful.

Thanks in Advance

	<Prev	Next>		<<First	<Prev	Next>	Last>>