17.10 - Example: Bad User Error - Advanced SQL Engine - Teradata Database

Teradata Vantage™ - Advanced SQL Engine Security Administration

Product
Advanced SQL Engine
Teradata Database
Release Number
17.10
Release Date
July 2021
Content Type
Administration
Security
Publication ID
B035-1100-171K
Language
English (United States)

This example demonstrates the error that occurs when either the identity mapping yields a FQDN that identifies an object that does not exist, or the userPassword attribute in the mapped directory object is missing or contains something other than cleartext data.

If the mapped FQDN does not identify an existing object, either the user name was entered incorrectly, or the object does not exist in the directory. If the user name was entered incorrectly, try the command again with a correct user name. If the problem persists, have the directory administrator either create or replace the contents of the userPassword attribute in the mapped object with a cleartext value and retry your command using the new password.

$ ldapsearch -D diperm01@testing -H ldap://esroot -b "" -s base -W -Y DIGEST-MD5 -Z
Enter LDAP password:
Invalid credentials
additional info: SASL(-13): user not found: no secret in database
$
The DIGEST-MD5 authentication protocol used by LDAP is deprecated. Teradata strongly recommends you use simple binding with TLS protection, and stop using DIGEST-MD5.