Identity Search Implementation Process - Advanced SQL Engine - Teradata Database

Security Administration

Product
Advanced SQL Engine
Teradata Database
Release Number
17.10
Published
July 2021
Language
English (United States)
Last Update
2022-02-15
dita:mapPath
ppz1593203596223.ditamap
dita:ditavalPath
wrg1590696035526.ditaval
dita:id
B035-1100
lifecycle
previous
Product Category
Teradata Vantageā„¢
  1. Make sure you understand the format and function of the configuration files. See About the TDGSS Configuration Files.
  2. Create the required identity search in a text editor, such as Notepad. See Configuring an Identity Search.
  3. Use the text editor to add the following items to the authentication mechanism(s) in the TdgssUserConfigFile.xml on Teradata Vantage nodes and to the TdgssUnityConfig.xml on the Unity server, if used. See Making Changes to TdgssUserConfigFile.xml on Database Nodes.
    • Add the identity search created in step 2 above.
    • Add the LdapServiceFQDN and LdapServicePassword properties, and configure them as shown in Directory Identification and Search Properties.

      The LdapServicePasswordProtected property indicates whether the password is stored in encrypted form. You do not need to add this property to use the default setting (not protected). If you want to encrypt the password, use the tdspasswd tool to generate an encrypted password for the passphrase that is used to encrypt the private key file.

      You can store the password in plain text, but it is not recommended. If you use plain text, be sure to limit access to the TDGSS configuration files and the TDGSSCONFIG.GDO. See Controlling Access to the Operating System.

      Also see LdapServicePasswordProtected.

  4. If the configuration is not useful, you can revert to the previous configuration. See Returning to an Old Configuration.