Benefits:
Enabling Single-Sign-On (SSO) feature in OLE DB Access Module adds several benefits. Some of them are:
- Provides ease-of-use because the user need not remember and enter his password.
- Provides security, because the password would not need to be stored in the .amj (Access Module Job) file when this is in effect.
- Changing the Teradata user password would not cause jobs based on the .amj to break.
How to use:
In OleLoad (OLE DB Access Module GUI) dialog box, under “Teradata Connection Information” dialog box, an option is present to enable or disable this feature.
- Open OleLoad GUI and select source/destination as “Teradata Database”.
- A dialog box named “Teradata OleLoad - Teradata Connection Information” will appear.
- Click the button “More>>” to show complete list of logon parameters for input. Ignore this step if “More>>” button is not visible.
- The dialog box will looks similar to following screen captures. First screen capture shows before selecting SSO feature and second screen capture shows after selecting SSO feature.
- Note that several logon parameters such as “User id”, “password”, “Mechanism parameters” are disabled when “Use SSO” check-box is selected.
- Also, note that only KRB5, NTLM and SPNEGO supports SSO, so “Mechanism” drop down list also got updated to choose desired option.
Preliminary requirement:
- SSO works on same domain, so Teradata database has to be running the same domain on which used logged on.
-
A user should have been created in Teradata database with permission to logon without password. To do that following steps should be followed:
- Create user with password and perm space.
-
Give permission for null password similar to following command:
- grant logon on all to <username> with null password
This ensures the user exist before attempting for a session.
- There might be additional setting required for specific mechanisms which should be performed based on requirement.
Channel:
Ignore ancestor settings:
0
Apply supersede status to children:
0
