Books
in black and white
Main menu
Share a book About us Home
Books
Biology Business Chemistry Computers Culture Economics Fiction Games Guide History Management Mathematical Medicine Mental Fitnes Physics Psychology Scince Sport Technics
Ads

Teradata RDBMS Database Administration - NCR

NCR Teradata RDBMS Database Administration - NCR , 2004. - 616 p.
Download (direct link): teradatadatabaseadmin2004.pdf
Previous << 1 .. 89 90 91 92 93 94 < 95 > 96 97 98 99 100 101 .. 218 >> Next


Example 3

You can narrow the output with the BTEQ SIDETITLE formatting command:

Teradata BTEQ 05.04.01.00 for WIN32. Enter your logon or BTEQ command:

.logon baily/test_user

Password:

*** Logon successfully completed. *** Transaction Semantics are BTET. *** Character Set Name is 'ASCII'

*** Total elapsed time was 3 seconds.

BTEQ -- Enter your DBC/SQL request or BTEQ command: set foldline on

.set foldline on

BTEQ -- Enter your DBC/SQL request or BTEQ command: .set sidetitles on

.set sidetitles on

BTEQ -- Enter your DBC/SQL request or BTEQ command: select * from dbc.sessioninfo;

select * from dbc.sessioninfo;

*** Query completed. 2 rows found. 18 columns returned. *** Total elapsed time was 2 seconds.

UserName AccountName SessionNo DefaultDataBase IFPNo Partition LogicalHostId HostNo CurrentCollation LogonDate LogonTime LogonSequenceNo LogonSource ExpiredPassWord

TEST_USER DBC

1,080

TEST_USER

16383 DBC/SQL 1025

1

H

02/06/18

11:27:51:50

00000000

<TCP-IP> 0C91 153.64.14.165 NA N

4752 TSTUSR BTEQ 01 LSS

6 - 30 Teradata RDBMS Database Administration

Chapter 6: Controlling Access

Session-Related Views

TwoPCMode Transaction_Mode CurrentRole LogonAcct UserName AccountName SessionNo DefaultDataBase IFPNo Partition LogicalHostId HostNo CurrentCollation LogonDate LogonTime LogonSequenceNo LogonSource

N T

DBC DBC DBC

1,102

DBC

16383 DBC/SQL 1025

1

H

02/07/04

14:19:07.51

00000000

<TCP-IP> 0524 153.64.14.190 LAP1

4140 DBC BTEQ 01 LSS

DBC.LogOnOff View

The DBC.LogOnOff view provides information about the success and duration of user sessions, in addition to LogonSource information. This view is helpful when you need to know about failed attempts to log on.

For example, the following query returns any failed logon attempts during the last seven days:

SELECT LogDate,LogTime,UserName (FORMAT ,X(10)'),Event FROM DBC.LogOnOff

WHERE Event NOT LIKE (4Logo%') AND LogDate GT DATE - 7 ORDER BY LogDate, LogTime ;

LogDate LogTime UserName Event

98/10/21 08:55:22 S01a BAD USER

98/10/21 08:59:53 BRM BAD ACCOUNT

98/10/21 11:34:16 RPK BAD PASSWORD

DBC.LogonRules View

Security administrators who have EXECUTE privilege on the DBC.LogonRule macro must specifically authorize a user to logon without a password. This is done with the SQL GRANT LOGON ... WITH NULL PASSWORD statement.

The result of each successfully processed GRANT LOGON statement is stored as a row in DBC.LogonRuleTbl.

The DBC.LogonRules view returns the current logon rules. For example, the following query requests all logon rule entries, sorted by username:

SELECT *

FROM DBC.LogonRules ORDER BY UserName ;

6 - 30

Teradata RDBMS Database Administration Chapter 6: Controlling Access

Session-Related Views

The response shows that user SQL19 cannot log on using host ID 207, and that users SQL18 and SQL20 can log on without a password.

User Name LogicalHostId LogonStatus NullPassword

SQL18 SQL19 SQL2 0

1024 G T

207 R F

207 G T

6 - 30 Teradata RDBMS Database Administration

Chapter 6: Controlling Access

DBC.SW_Event_Log

DBC.SW_Event_Log

This log contains system error messages for Teradata RDBMS Field Engineers. Rows are inserted by the system in response to software error conditions.

The messages also can contain information about Teradata feature software.

For example, execution of the Performance Monitor commands SET RESOURCE, SET SESSION, and ABORT SESSION are considered major system events and thus are logged to DBC.SW_Event_Log. (For log details and content, see "Viewing the SW_Event_Log" on page C-8).

6 - 36

Teradata RDBMS Database Administration Chapter 6: Controlling Access

Access Control Mechanisms

Access Control Mechanisms

You can control user access by granting specific privileges on specific views, macros and stored procedures to specific users.

View definitions limit user access to table columns or rows that may contain sensitive information. Macros and stored procedures limit the types of actions a user can perform on the columns and rows. Also, you can define which users are granted the EXECUTE privilege on a macro or stored procedure.

An arrangement of privileges control the user's activities during a session. Privileges are associated with a user, a database, and an object (table, view, macro, stored procedure, join index, or trigger), and can be explicitly granted or revoked by an owner of an object, or by a user that has the privilege with the WITH GRANT OPTION privilege.

The system verifies user privileges when the user attempts to access or execute a function that accesses an object.

Information on automatic and explicit privilege is maintained in the system table DBC.AccessRights. You can retrieve this information by querying the view DBC.UserRights (see "Viewing Granted Privileges" on page 6-9). Implicit privileges associated with ownership are not stored in this table (see "Explicit, Automatic, and Implicit Privileges" on page 1-15).
Previous << 1 .. 89 90 91 92 93 94 < 95 > 96 97 98 99 100 101 .. 218 >> Next