Modify Mechanism Properties Without Reset | SQL Engine 17.10 | Teradata Vantage - 17.10 - Modifying Mechanism Properties Without a TPA Reset - Advanced SQL Engine - Teradata Database

Teradata Vantage™ - Advanced SQL Engine Security Administration

Product
Advanced SQL Engine
Teradata Database
Release Number
17.10
Release Date
July 2021
Content Type
Administration
Security
Publication ID
B035-1100-171K
Language
English (United States)

The following can be modified without a TPA reset:

  • Any attribute or property whose name begins with "Ldap" for KRB5 and LDAP
  • MechanismEnabled property for KRB5, LDAP, JWT, and PROXY
  • AuthorizationSupported property for KRB5 and LDAP
  • LDAP Service ID and password with no impact to user LDAP logons
  • The following properties in the PROXY mechanism:
    • CertificateFile
    • PrivateKeyFile
    • PrivateKeyPassword
    • PrivateKeypasswordProtected
    • CACertFile
    • CACertDir
    • SigningHashAlgorithm
  • Any JWT mechanism property whose name begins with "JWT"
  • All canonicalizations including the lightweight authorization structures

The following configuration changes still require a tpareset:

  • Changes to any mechanism property not mentioned above require a tpareset
  • QoP configuration
  • Local or global policy configuration, including service name changes
  • TDNEGO and SPNEGO
The run_tdssconfig utility indicates when a TPA reset is required.