1. Determine if the account is locked by failed password attempts. When the failed attempts equals the max logon attempts set in the user’s profile, the user will be displayed in the results. This is a good query, but will not work in all cases, depending on how the profile was setup.
SELECT DBC.USERS.USERNAME, DBC.USERS.LOCKEDDATE, DBC.USERS.LOCKEDTIME, DBC.USERS.LOCKEDCOUNT FROM DBC.USERS INNER JOIN DBC.PROFILES ON DBC.USERS.PROFILENAME = DBC.PROFILES.PROFILENAME WHERE DBC.USERS.LOCKEDCOUNT >= DBC.PROFILES.MAXLOGONATTEMPTS;
2. The SQL statement to unlock the account.
MODIFY USER <user> AS RELEASE PASSWORD LOCK;
3. Rerun the query to verify that the account is no longer in the results.
Hi ,
How to lock teradata user account
and move lcoked user account to ids
pls. help
This is an excellent question.
Something I played around with for two hours attempting to find a back door to locking out a user account. As you probably already know, Teradata does not offer a way of locking a user account as of version 15.10 (or not published in its online documentation).
The only work around I have found that might help is to create a new PROFILE (example name: LockedAccounts) with the only parameters set is Max Attempts = 1 & Lock Expires = -1. Set the user to that new profile. Then attempting to connect as that user with a bad password to lock the account.
The down side to this workaround is that another Teradata Administrator can unknowing release the lock on the user. Also if the profile is changed on the user, the lock will be released.