Home Page for the TeradataForum

Archives of the TeradataForum

Message Posted: Wed, 16 Apr 2008 @ 16:16:42 GMT

  <Prev Next>   <<First <Prev Next> Last>>  

Subj:   Re: Extra security elements
From:   Anomy Anom

<-- Anonymously Posted: Wed, 16 Apr 2008 10:11 -->

If you set ExpirePassword to a nonzero value, the password supplied via CREATE USER is considered "expired" and the user is required to change it. Or when ExpirePassword is nonzero you can also explicitly MODIFY USER x AS PASSWORD=OneTimeOnly FOR USER;

What exactly do you mean by "locked"? Would (for example) changing the password to some random sequence of characters be sufficient? You can use MODIFY USER to RELEASE PASSWORD LOCK but not to set it. For that you may have to use some workaround like a client application that issues repeated logon attempts that intentionally supply the wrong password. (Don't forget to set LockedUserExpire to -1 if you need the ID to remain locked until manually released.)

You can also REVOKE LOGON, but that creates a specific LogonRule (which can be specifically reversed by a GRANT LOGON but can't be reverted to system default).

  <Prev Next>   <<First <Prev Next> Last>>  
  Top Home Privacy Feedback  
Copyright for the TeradataForum (TDATA-L), Manta BlueSky    
Copyright 2016 - All Rights Reserved    
Last Modified: 28 Jun 2020