17.10 - Examples - Advanced SQL Engine - Teradata Database

Teradata Vantage™ - Advanced SQL Engine Security Administration

Product
Advanced SQL Engine
Teradata Database
Release Number
17.10
Release Date
July 2021
Content Type
Administration
Security
Publication ID
B035-1100-171K
Language
English (United States)

Example: Summary Mode

tdgssgetinfo -s
=====================================================
|                                                   |
| tdgssgetinfo Diagnostic Tool (TDGSS 17.10.00.100) |
|                                                   |
=====================================================

Machine name: sdtnnnnn
OS Release: SUSE Linux Enterprise Server 12 SP3
Time executed: Thu Nov 14 09:50:23 2019

----------------------------
| Available TDGSS Versions |
----------------------------
17E.10.00.06 /opt/teradata/tdat/tdgss/17E.10.00.06/
17H.10.00.113 /opt/teradata/tdat/tdgss/17H.10.00.113/
17H.10.00.114 /opt/teradata/tdat/tdgss/17H.10.00.114/
--> 17I.10.00.104 /opt/teradata/tdat/tdgss/17I.10.00.104/
17I.10.00.105 /opt/teradata/tdat/tdgss/17I.10.00.105/
("-->" denotes the current active version)

-----------------------------
| Configuration Information |
-----------------------------
No output returned.

------------------------
| Available Mechanisms |
------------------------
OID: TD2 - 1.3.6.1.4.1.191.1.1012.1.1.9
-------------------------------------------
"DefaultMechanism" = true
"DelegateCredentials" = false
"MechanismEnabled" = true
"MechanismRank" = 20
"OutOfSequenceDetection" = true
"ReplayDetection" = true
"UseLdapConfig" = false


OID: KRB5 - 1.2.840.113554.1.2.2
-------------------------------------------
"DefaultMechanism" = false
"DelegateCredentials" = true
"MechanismEnabled" = true
"MechanismRank" = 40
"OutOfSequenceDetection" = true
"ReplayDetection" = true
"TeradataKeyTab" = /etc/teradata.keytab
"UseLdapConfig" = false


OID: SPNEGO - 1.3.6.1.5.5.2
-------------------------------------------
"DefaultMechanism" = false
"DelegateCredentials" = true
"MechanismEnabled" = true
"MechanismRank" = 65
"OutOfSequenceDetection" = true
"ReplayDetection" = true
OID: ldap - 1.3.6.1.4.1.191.1.1012.1.20
-------------------------------------------
"DefaultMechanism" = false
"DelegateCredentials" = false
"MechanismEnabled" = true
"MechanismRank" = 70
"OutOfSequenceDetection" = true
"ReplayDetection" = true
"UseLdapConfig" = false


OID: PROXY - 1.3.6.1.4.1.28698.4.302.1.2
-------------------------------------------
"DefaultMechanism" = false
"DelegateCredentials" = false
"MechanismEnabled" = true
"MechanismRank" = 70
"OutOfSequenceDetection" = true
"ReplayDetection" = true


OID: TDNEGO - 1.3.6.1.4.1.28698.4.302.1.3
-------------------------------------------
"DefaultMechanism" = false
"DelegateCredentials" = true
"MechanismEnabled" = true
"MechanismRank" = 10
"OutOfSequenceDetection" = true
"ReplayDetection" = true

* Default mechanism is TD2.


---------------------------------------
| Available TDGSS Configuration Files |
---------------------------------------
1. /opt/teradata/tdat/tdgss/17H.10.00.113/bin/tdgssconfig.bin
2. /opt/teradata/tdat/tdgss/17H.10.00.113/etc/tdgssconfig.bin
3. /opt/teradata/tdat/tdgss/17H.10.00.114/etc/tdgssconfig.bin
4. /opt/teradata/tdat/tdgss/17E.10.00.06/etc/tdgssconfig.bin.prebuilt
5. /opt/teradata/tdat/tdgss/17H.10.00.113/etc/tdgssconfig.bin.prebuilt
6. /opt/teradata/tdat/tdgss/17H.10.00.114/etc/tdgssconfig.bin.prebuilt
7. /opt/teradata/tdat/tdgss/17I.10.00.105/etc/tdgssconfig.bin.prebuilt
8. TDGSSCONFIG GDO

Example: No Options Specified

When no options are specified, tdgssgetinfo displays all collected information and prompts you to select a configuration file that you would like to see a dump of.

tdgssgetinfo
=====================================================
|                                                   |
| tdgssgetinfo Diagnostic Tool (TDGSS 17.10.00.100) |
|                                                   |
=====================================================

Machine name: sdtnnnnn
OS Release: SUSE Linux Enterprise Server 12 SP3
Time executed: Thu Nov 14 09:50:23 2019

----------------------------
| Available TDGSS Versions |
----------------------------

17E.10.00.06 /opt/teradata/tdat/tdgss/17E.10.00.06/
17H.10.00.113 /opt/teradata/tdat/tdgss/17H.10.00.113/
17H.10.00.114 /opt/teradata/tdat/tdgss/17H.10.00.114/
--> 17I.10.00.104 /opt/teradata/tdat/tdgss/17I.10.00.104/
17I.10.00.105 /opt/teradata/tdat/tdgss/17I.10.00.105/

("-->" denotes the current active version)

-----------------------------
| Configuration Information |
-----------------------------

No output returned.

------------------------
| Available Mechanisms |
------------------------

OID: TD2 - 1.3.6.1.4.1.191.1.1012.1.1.9
-------------------------------------------
"DefaultMechanism" = true
"DelegateCredentials" = false
"MechanismEnabled" = true
"MechanismRank" = 20
"OutOfSequenceDetection" = true
"ReplayDetection" = true
"UseLdapConfig" = false


OID: KRB5 - 1.2.840.113554.1.2.2
-------------------------------------------
"DefaultMechanism" = false
"DelegateCredentials" = true
"MechanismEnabled" = true
"MechanismRank" = 40
"OutOfSequenceDetection" = true
"ReplayDetection" = true
"TeradataKeyTab" = /etc/teradata.keytab
"UseLdapConfig" = false


OID: SPNEGO - 1.3.6.1.5.5.2
-------------------------------------------
"DefaultMechanism" = false
"DelegateCredentials" = true
"MechanismEnabled" = true
"MechanismRank" = 65
"OutOfSequenceDetection" = true
"ReplayDetection" = true


OID: ldap - 1.3.6.1.4.1.191.1.1012.1.20
-------------------------------------------
"DefaultMechanism" = false
"DelegateCredentials" = false
"MechanismEnabled" = true
"MechanismRank" = 70
"OutOfSequenceDetection" = true
"ReplayDetection" = true
"UseLdapConfig" = false


OID: PROXY - 1.3.6.1.4.1.28698.4.302.1.2
-------------------------------------------
"DefaultMechanism" = false
"DelegateCredentials" = false
"MechanismEnabled" = true
"MechanismRank" = 70
"OutOfSequenceDetection" = true
"ReplayDetection" = true


OID: TDNEGO - 1.3.6.1.4.1.28698.4.302.1.3
-------------------------------------------
"DefaultMechanism" = false
"DelegateCredentials" = true
"MechanismEnabled" = true
"MechanismRank" = 10
"OutOfSequenceDetection" = true
"ReplayDetection" = true


* Default mechanism is TD2.


---------------------------------------
| Available TDGSS Configuration Files |
---------------------------------------
1. /opt/teradata/tdat/tdgss/17H.10.00.113/bin/tdgssconfig.bin
2. /opt/teradata/tdat/tdgss/17H.10.00.113/etc/tdgssconfig.bin
3. /opt/teradata/tdat/tdgss/17H.10.00.114/etc/tdgssconfig.bin
4. /opt/teradata/tdat/tdgss/17E.10.00.06/etc/tdgssconfig.bin.prebuilt
5. /opt/teradata/tdat/tdgss/17H.10.00.113/etc/tdgssconfig.bin.prebuilt
6. /opt/teradata/tdat/tdgss/17H.10.00.114/etc/tdgssconfig.bin.prebuilt
7. /opt/teradata/tdat/tdgss/17I.10.00.105/etc/tdgssconfig.bin.prebuilt
8. TDGSSCONFIG GDO

Select the configuration file (1-8): 8

------------------
| Available QOPs |
------------------

QOP: GLOBAL_QOP_0
-------------------------------------------
ConfidentialityAlgorithm = Blowfish
IntegrityAlgorithm = NONE
KeyExchangeAlgorithm = DH
KeyLength = K128
KeyLengthP = K2048
Mode = ECB
Padding = NoPadding


QOP: GLOBAL_QOP_1
-------------------------------------------
ConfidentialityAlgorithm = AES
IntegrityAlgorithm = SHA1
KeyExchangeAlgorithm = DH
KeyLength = K128
KeyLengthP = K2048
Mode = OFB
Padding = PKCS5Padding


QOP: AES-K128_CBC_PKCS5Padding_SHA1_DH-K2048
-------------------------------------------
ConfidentialityAlgorithm = AES
IntegrityAlgorithm = SHA1
KeyExchangeAlgorithm = DH
KeyLength = K128
KeyLengthP = K2048
Mode = CBC
Padding = PKCS5Padding


QOP: AES-K192_CBC_PKCS5Padding_SHA1_DH-K2048
-------------------------------------------
ConfidentialityAlgorithm = AES
IntegrityAlgorithm = SHA1
KeyExchangeAlgorithm = DH
KeyLength = K192
KeyLengthP = K2048
Mode = CBC
Padding = PKCS5Padding


QOP: AES-K256_CBC_PKCS5Padding_SHA1_DH-K2048
-------------------------------------------
ConfidentialityAlgorithm = AES
IntegrityAlgorithm = SHA1
KeyExchangeAlgorithm = DH
KeyLength = K256
KeyLengthP = K2048
Mode = CBC
Padding = PKCS5Padding


QOP: AES-K128_GCM_PKCS5Padding_SHA2_DH-K2048
-------------------------------------------
ConfidentialityAlgorithm = AES
IntegrityAlgorithm = SHA256
KeyExchangeAlgorithm = DH
KeyLength = K128
KeyLengthP = K2048
Mode = GCM
Padding = PKCS5Padding


QOP: AES-K192_GCM_PKCS5Padding_SHA2_DH-K2048
-------------------------------------------
ConfidentialityAlgorithm = AES
IntegrityAlgorithm = SHA256
KeyExchangeAlgorithm = DH
KeyLength = K192
KeyLengthP = K2048
Mode = GCM
Padding = PKCS5Padding


QOP: AES-K256_GCM_PKCS5Padding_SHA2_DH-K2048
-------------------------------------------
ConfidentialityAlgorithm = AES
IntegrityAlgorithm = SHA256
KeyExchangeAlgorithm = DH
KeyLength = K256
KeyLengthP = K2048
Mode = GCM
Padding = PKCS5Padding


QOP: AES-K128_CCM_PKCS5Padding_SHA2_DH-K2048
-------------------------------------------
ConfidentialityAlgorithm = AES
IntegrityAlgorithm = SHA256
KeyExchangeAlgorithm = DH
KeyLength = K128
KeyLengthP = K2048
Mode = CCM
Padding = PKCS5Padding


QOP: AES-K192_CCM_PKCS5Padding_SHA2_DH-K2048
-------------------------------------------
ConfidentialityAlgorithm = AES
IntegrityAlgorithm = SHA256
KeyExchangeAlgorithm = DH
KeyLength = K192
KeyLengthP = K2048
Mode = CCM
Padding = PKCS5Padding


QOP: AES-K256_CCM_PKCS5Padding_SHA2_DH-K2048
-------------------------------------------
ConfidentialityAlgorithm = AES
IntegrityAlgorithm = SHA256
KeyExchangeAlgorithm = DH
KeyLength = K256
KeyLengthP = K2048
Mode = CCM
Padding = PKCS5Padding


QOP: AES-K128_CTR_PKCS5Padding_SHA2_DH-K2048
-------------------------------------------
ConfidentialityAlgorithm = AES
IntegrityAlgorithm = SHA256
KeyExchangeAlgorithm = DH
KeyLength = K128
KeyLengthP = K2048
Mode = CTR
Padding = PKCS5Padding


QOP: AES-K192_CTR_PKCS5Padding_SHA2_DH-K2048
-------------------------------------------
ConfidentialityAlgorithm = AES
IntegrityAlgorithm = SHA256
KeyExchangeAlgorithm = DH
KeyLength = K192
KeyLengthP = K2048
Mode = CTR
Padding = PKCS5Padding


QOP: AES-K256_CTR_PKCS5Padding_SHA2_DH-K2048
-------------------------------------------
ConfidentialityAlgorithm = AES
IntegrityAlgorithm = SHA256
KeyExchangeAlgorithm = DH
KeyLength = K256
KeyLengthP = K2048
Mode = CTR
Padding = PKCS5Padding


---------------------------
| Configuration File Dump |
---------------------------

Dumping TDGSSCONFIG GDO...
Header: Version 2
79 Elements at offset 2c (44)
671 Attributes at offset b6c (2924)
19 Data items at offset 206c (8300)

Level 00: < TdgssConfigFile > (Element 0)

Level 01: < Header > (Element 1)

ATTR: "ConfigFileType" = "User"
ATTR: "Version" = "1"
DATA: ""

Level 01: < Mechanisms > (Element 2)

Level 02: < Mechanism > (Element 6)

ATTR: "InterfaceType" = "teradata"
ATTR: "LibraryName" = "gssp2td2"
ATTR: "Name" = "TD2"
ATTR: "ObjectId" = "1.3.6.1.4.1.191.1.1012.1.1.9"
ATTR: "Prefix" = "TD2"

Level 03: < MechanismProperties > (Element 14)

ATTR: "AnonymousAuthentication" = "no"
ATTR: "AuthenticationSupported" = "no"
ATTR: "AuthorizationSupported" = "no"
ATTR: "ConfidentialityDesired" = "yes"
ATTR: "CredentialIsUPN" = "yes"
ATTR: "CredentialUsage" = "0"
ATTR: "DHKeyG" =
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
00000000000000000000000000000005
ATTR: "DHKeyG2048" =
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000005

ATTR: "DHKeyP" =
E4BE0A78F54C4A0B17E7E9249A78BCC08868C17281D8463C880937853E73DDC7
87E41580A8AFE2594D984C9E0814C590790354ECCD1BE8EA85961E5E0974B32E
FE178335F061E80189B4BDAA20F67B47
ATTR: "DHKeyP2048" =
8AB3F86E8D374B782F31DAD5F27D6AFDA30150C11A20CF6346712AE2D2C6B70A
5B79D45D4C0C232A065B207B121B2C33E147B5983C38A1087F272703B0B839CB
A6F71C5D0EB51EC890934EACF2C7DD2A1DF6F55E89B145A0359D35EF8FB6C561
E157B13FF927A35E69963648614902B1034EF71197F545DEF3236244EADAE068
9E624CF1245953630AE042BD797C4025E37C51D9F6CBDA0B2278FA7D5CA2D9CA
930BE2968330C811A4BA4D0845333C0D62E3EE742154F6B62F2951CD8C73C43B
5AA1C7819DEF1D7C9314411E465F8E4796666594AADE0AEB3F1256E5719E7AE5
4DD34FFDA949634E4A293C5BC60AF258BB9FE558086E83B3DD3D7491966DEE93
ATTR: "DefaultMechanism" = "yes"
ATTR: "DefaultNegotiatingMechanism" = "no"
ATTR: "DelegateCredentials" = "no"
ATTR: "DesiredContextTime" = ""
ATTR: "DesiredCredentialTime" = ""
ATTR: "IntegrityDesired" = "yes"
ATTR: "MechanismEnabled" = "yes"
ATTR: "MechanismIgnoresQop" = "no"
ATTR: "MechanismRank" = "20"
ATTR: "MutualAuthentication" = "yes"
ATTR: "NegotiationSupported" = "no"
ATTR: "OutOfSequenceDetection" = "yes"
ATTR: "ReplayDetection" = "yes"
ATTR: "SingleSignOnSupported" = "no"
ATTR: "UseLdapConfig" = "no"
ATTR: "VerifyDHKey" = "no"

Level 03: < MechQop > (Element 15)

ATTR: "Value" = "0"
DATA: "GLOBAL_QOP_1"

Level 03: < MechQop > (Element 16)

ATTR: "Value" = "Default"
DATA: "AES-K128_GCM_PKCS5Padding_SHA2_DH-K2048 AES-K128_CBC_PKCS5Paddin
g_SHA1_DH-K2048 AES-K192_GCM_PKCS5Padding_SHA2_DH-K2048 AES-K192
_CBC_PKCS5Padding_SHA1_DH-K2048 AES-K256_GCM_PKCS5Padding_SHA2_D
H-K2048 AES-K256_CBC_PKCS5Padding_SHA1_DH-K2048"

Level 02: < Mechanism > (Element 7)

ATTR: "InterfaceType" = "gss"
ATTR: "LibraryName" = "gssp2gss"
ATTR: "Name" = "KRB5"
ATTR: "ObjectId" = "1.2.840.113554.1.2.2"
ATTR: "Prefix" = "gssp2gss"

Level 03: < MechanismProperties > (Element 17)

ATTR: "AnonymousAuthentication" = "no"
ATTR: "AuthenticationSupported" = "yes"
ATTR: "AuthorizationSupported" = "yes"
ATTR: "ConfidentialityDesired" = "yes"
ATTR: "CredentialIsUPN" = "yes"
ATTR: "CredentialUsage" = "0"
ATTR: "DefaultMechanism" = "no"
ATTR: "DefaultNegotiatingMechanism" = "no"
ATTR: "DelegateCredentials" = "yes"
ATTR: "DesiredContextTime" = ""
ATTR: "DesiredCredentialTime" = ""
ATTR: "GenerateCredentialFromLogon" = "yes"
ATTR: "IntegrityDesired" = "yes"
ATTR: "LdapBaseFQDN" = "dc=esrootdom,dc=esdev,dc=tdat"
ATTR: "LdapClientDebug" = "0"
ATTR: "LdapClientDeref" = "never"
ATTR: "LdapClientMechanism" = "SASL/DIGEST-MD5"
ATTR: "LdapClientRandomDevice" = "/dev/urandom"
ATTR: "LdapClientRebindAuth" = "yes"
ATTR: "LdapClientReferrals" = "off"
ATTR: "LdapClientSaslSecProps" = ""
ATTR: "LdapClientUseTls" = "no"
ATTR: "LdapGroupBaseFQDN" = ""
ATTR: "LdapServerName" = "ldaps://esroot/"
ATTR: "LdapServerPort" = "0"
ATTR: "LdapServerRealm" = "esroot.esrootdom.esdev.tdat"
ATTR: "LdapServiceFQDN" = "cn=drct01,ou=people,ou=testing,dc=esrootdom,dc=esdev,dc=tdat"
ATTR: "LdapServicePassword" = "Ad0+xzytkxtG5tByCfgT+qg="
ATTR: "LdapServicePasswordProtected" = "yes"
ATTR: "LdapSystemFQDN" = "cn=end2end,cn=tdat,ou=testing,dc=esrootdom,dc=esdev,dc=tdat"
ATTR: "LdapUserBaseFQDN" = ""
ATTR: "MechanismEnabled" = "yes"
ATTR: "MechanismIgnoresQop" = "yes"
ATTR: "MechanismRank" = "40"
ATTR: "MutualAuthentication" = "yes"
ATTR: "NegotiationSupported" = "no"
ATTR: "OutOfSequenceDetection" = "yes"
ATTR: "ReplayDetection" = "yes"
ATTR: "SingleSignOnSupported" = "yes"
ATTR: "TeradataKeyTab" = "/etc/teradata.keytab"
ATTR: "UseLdapConfig" = "no"
ATTR: "LdapServiceBindRequired" = "yes"

Level 03: < IdentitySearch > (Element 18)

ATTR: "Base" = "ou=testing,dc=esrootdom,dc=esdev,dc=tdat"
ATTR: "BindName" = "${result}"
ATTR: "DatabaseName" = "${0}"
ATTR: "Filter" = "(userPrincipalName=${1}@esrootdom.esdev.tdat)"
ATTR: "Match" = "(.+)"
ATTR: "Scope" = "subtree"

Level 03: < RequiredLibrary > (Element 19)

ATTR: "Path" = "/usr/lib64/libgssapi_krb5.so"

Level 03: < RequiredLibrary > (Element 20)

ATTR: "Path" = "/usr/lib64/libgssapi_krb5.so.2"

Level 03: < RequiredLibrary > (Element 21)

ATTR: "Path" = "/lib64/libgssapi_krb5.so.2"

Level 03: < RequiredLibrary > (Element 22)

ATTR: "Path" = "/usr/lib/libgssapi_krb5.so"

Level 03: < RequiredLibrary > (Element 23)

ATTR: "Path" = "/usr/lib/libgssapi_krb5.so.2"

Level 03: < RequiredLibrary > (Element 24)

ATTR: "Path" = "/lib/libgssapi_krb5.so.2"

Level 03: < MechQop > (Element 25)

ATTR: "Value" = "0"
DATA: "GLOBAL_QOP_0"

Level 02: < Mechanism > (Element 8)

ATTR: "InterfaceType" = "custom"
ATTR: "LibraryName" = "gssp2ldap"
ATTR: "Name" = "ldap"
ATTR: "ObjectId" = "1.3.6.1.4.1.191.1.1012.1.20"
ATTR: "Prefix" = "ldapv3"
Level 03: < MechanismProperties > (Element 26)
ATTR: "AnonymousAuthentication" = "no"
ATTR: "AuthenticationSupported" = "yes"
ATTR: "AuthorizationSupported" = "yes"
ATTR: "ConfidentialityDesired" = "yes"
ATTR: "CredentialIsUPN" = "yes"
ATTR: "CredentialUsage" = "0"
ATTR: "DHKeyG" =
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
00000000000000000000000000000005
ATTR: "DHKeyG2048" =
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000005

ATTR: "DHKeyP" =
E4BE0A78F54C4A0B17E7E9249A78BCC08868C17281D8463C880937853E73DDC7
87E41580A8AFE2594D984C9E0814C590790354ECCD1BE8EA85961E5E0974B32E
FE178335F061E80189B4BDAA20F67B47
ATTR: "DHKeyP2048" =
8AB3F86E8D374B782F31DAD5F27D6AFDA30150C11A20CF6346712AE2D2C6B70A
5B79D45D4C0C232A065B207B121B2C33E147B5983C38A1087F272703B0B839CB
A6F71C5D0EB51EC890934EACF2C7DD2A1DF6F55E89B145A0359D35EF8FB6C561
E157B13FF927A35E69963648614902B1034EF71197F545DEF3236244EADAE068
9E624CF1245953630AE042BD797C4025E37C51D9F6CBDA0B2278FA7D5CA2D9CA
930BE2968330C811A4BA4D0845333C0D62E3EE742154F6B62F2951CD8C73C43B
5AA1C7819DEF1D7C9314411E465F8E4796666594AADE0AEB3F1256E5719E7AE5
4DD34FFDA949634E4A293C5BC60AF258BB9FE558086E83B3DD3D7491966DEE93
ATTR: "DefaultMechanism" = "no"
ATTR: "DefaultNegotiatingMechanism" = "no"
ATTR: "DelegateCredentials" = "no"
ATTR: "DesiredContextTime" = ""
ATTR: "DesiredCredentialTime" = ""
ATTR: "GenerateCredentialFromLogon" = "yes"
ATTR: "IntegrityDesired" = "yes"
ATTR: "LdapAllowUnsafeServerConnect" = "yes"
ATTR: "LdapBaseFQDN" = "dc=esrootdom,dc=esdev,dc=tdat"
ATTR: "LdapClientDebug" = "0"
ATTR: "LdapClientDeref" = "never"
ATTR: "LdapClientMechanism" = "simple"
ATTR: "LdapClientRandomDevice" = "/dev/urandom"
ATTR: "LdapClientRebindAuth" = "yes"
ATTR: "LdapClientReferrals" = "off"
ATTR: "LdapClientSaslSecProps" = ""
ATTR: "LdapClientTlsCACert" = ""
ATTR: "LdapClientTlsCACertDir" = ""
ATTR: "LdapClientTlsCRLCheck" = "none"
ATTR: "LdapClientTlsCert" = ""
ATTR: "LdapClientTlsCipherSuite" = ""
ATTR: "LdapClientTlsKey" = ""
ATTR: "LdapClientTlsRandFile" = ""
ATTR: "LdapClientTlsReqCert" = "never"
ATTR: "LdapClientUseTls" = "no"
ATTR: "LdapGroupBaseFQDN" = ""
ATTR: "LdapServerName" = "ldaps://esroot/"
ATTR: "LdapServerPort" = "0"
ATTR: "LdapServerRealm" = "esroot.esrootdom.esdev.tdat"
ATTR: "LdapServiceBindRequired" = "yes"
ATTR: "LdapServiceFQDN" = "cn=drct01,ou=people,ou=testing,dc=esrootdom,dc=esdev,dc=tdat"
ATTR: "LdapServicePassword" = "Ad0+xzytkxtG5tByCfgT+qg="
ATTR: "LdapServicePasswordProtected" = "yes"
ATTR: "LdapSystemFQDN" = "cn=end2end,cn=tdat,ou=testing,dc=esrootdom,dc=esdev,dc=tdat"
ATTR: "LdapUserBaseFQDN" = ""
ATTR: "MechanismEnabled" = "yes"
ATTR: "MechanismIgnoresQop" = "no"
ATTR: "MechanismRank" = "70"
ATTR: "MutualAuthentication" = "yes"
ATTR: "NegotiationSupported" = "no"
ATTR: "OutOfSequenceDetection" = "yes"
ATTR: "ReplayDetection" = "yes"
ATTR: "SingleSignOnSupported" = "no"
ATTR: "UseLdapConfig" = "no"
ATTR: "VerifyDHKey" = "no"

Level 03: < IdentityMap > (Element 27)

ATTR: "BindName" = "${result}"
ATTR: "DatabaseName" = "${0}"
ATTR: "Match" = "([^\.=@]+)"
ATTR: "Pattern" = "cn=${1},ou=people,ou=testing,dc=esrootdom,dc=esdev,dc=tdat"

Level 03: < MechQop > (Element 28)

ATTR: "Value" = "0"
DATA: "GLOBAL_QOP_0"

Level 03: < MechQop > (Element 29)

ATTR: "Value" = "Default"
DATA: "AES-K128_GCM_PKCS5Padding_SHA2_DH-K2048 AES-K128_CBC_PKCS5Paddin
g_SHA1_DH-K2048 AES-K192_GCM_PKCS5Padding_SHA2_DH-K2048 AES-K192
_CBC_PKCS5Padding_SHA1_DH-K2048 AES-K256_GCM_PKCS5Padding_SHA2_D
H-K2048 AES-K256_CBC_PKCS5Padding_SHA1_DH-K2048"

Level 02: < Mechanism > (Element 9)

ATTR: "InterfaceType" = "custom"
ATTR: "LibraryName" = "gssp2jwt"
ATTR: "Name" = "JWT"
ATTR: "ObjectId" = "1.3.6.1.4.1.28698.4.302.1.4"
ATTR: "Prefix" = "JWT"

Level 03: < MechanismProperties > (Element 30)

ATTR: "AnonymousAuthentication" = "no"
ATTR: "AuthenticationSupported" = "yes"
ATTR: "AuthorizationSupported" = "no"
ATTR: "ConfidentialityDesired" = "yes"
ATTR: "CredentialIsUPN" = "yes"
ATTR: "CredentialUsage" = "0"

ATTR: "DHKeyG2048" =
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000005

ATTR: "DHKeyP2048" =
8AB3F86E8D374B782F31DAD5F27D6AFDA30150C11A20CF6346712AE2D2C6B70A
5B79D45D4C0C232A065B207B121B2C33E147B5983C38A1087F272703B0B839CB
A6F71C5D0EB51EC890934EACF2C7DD2A1DF6F55E89B145A0359D35EF8FB6C561
E157B13FF927A35E69963648614902B1034EF71197F545DEF3236244EADAE068
9E624CF1245953630AE042BD797C4025E37C51D9F6CBDA0B2278FA7D5CA2D9CA
930BE2968330C811A4BA4D0845333C0D62E3EE742154F6B62F2951CD8C73C43B
5AA1C7819DEF1D7C9314411E465F8E4796666594AADE0AEB3F1256E5719E7AE5
4DD34FFDA949634E4A293C5BC60AF258BB9FE558086E83B3DD3D7491966DEE93

ATTR: "DefaultMechanism" = "no"
ATTR: "DefaultNegotiatingMechanism" = "no"
ATTR: "DelegateCredentials" = "no"
ATTR: "DesiredContextTime" = ""
ATTR: "DesiredCredentialTime" = ""
ATTR: "GenerateCredentialFromLogon" = "yes"
ATTR: "IntegrityDesired" = "yes"
ATTR: "JWTDecryptionKeyFile" = ""
ATTR: "JWTSkewTime" = "300"
ATTR: "JWTVerificationKeyFile" = ""
ATTR: "MechanismEnabled" = "no"
ATTR: "MechanismIgnoresQop" = "no"
ATTR: "MechanismRank" = "30"
ATTR: "MutualAuthentication" = "no"
ATTR: "NegotiationSupported" = "yes"
ATTR: "OutOfSequenceDetection" = "yes"
ATTR: "ReplayDetection" = "yes"
ATTR: "SingleSignOnSupported" = "yes"
ATTR: "UseLdapConfig" = "no"

Level 03: < MechQop > (Element 31)

ATTR: "Value" = "Default"
DATA: "AES-K128_GCM_PKCS5Padding_SHA2_DH-K2048 AES-K192_GCM_PKCS5Paddin
g_SHA2_DH-K2048 AES-K256_GCM_PKCS5Padding_SHA2_DH-K2048 AES-K128
_CBC_PKCS5Padding_SHA1_DH-K2048 AES-K192_CBC_PKCS5Padding_SHA1_D
H-K2048 AES-K256_CBC_PKCS5Padding_SHA1_DH-K2048"

Level 02: < Mechanism > (Element 10)

ATTR: "InterfaceType" = "teradata"
ATTR: "LibraryName" = "gssp2td1"
ATTR: "Name" = "TD1"
ATTR: "ObjectId" = "1.3.6.1.4.1.191.1.1012.1.1.8"
ATTR: "Prefix" = "TD1"

Level 03: < MechanismProperties > (Element 32)

ATTR: "AnonymousAuthentication" = "no"
ATTR: "AuthenticationSupported" = "no"
ATTR: "AuthorizationSupported" = "no"
ATTR: "ConfidentialityDesired" = "yes"
ATTR: "CredentialIsUPN" = "yes"
ATTR: "CredentialUsage" = "0"
ATTR: "DefaultMechanism" = "no"
ATTR: "DefaultNegotiatingMechanism" = "no"
ATTR: "DelegateCredentials" = "no"
ATTR: "DesiredContextTime" = ""
ATTR: "DesiredCredentialTime" = ""
ATTR: "IntegrityDesired" = "yes"
ATTR: "MechanismEnabled" = "no"
ATTR: "MechanismIgnoresQop" = "yes"
ATTR: "MechanismRank" = "10"
ATTR: "MutualAuthentication" = "yes"
ATTR: "NegotiationSupported" = "no"
ATTR: "OutOfSequenceDetection" = "yes"
ATTR: "ReplayDetection" = "yes"
ATTR: "SingleSignOnSupported" = "no"
ATTR: "UseLdapConfig" = "no"

Level 03: < MechQop > (Element 33)

ATTR: "Value" = "0"
DATA: "GLOBAL_QOP_0"

Level 02: < Mechanism > (Element 11)

ATTR: "InterfaceType" = "negotiate"
ATTR: "LibraryName" = "gssp2spnego"
ATTR: "Name" = "SPNEGO"
ATTR: "ObjectId" = "1.3.6.1.5.5.2"
ATTR: "Prefix" = "spnego"

Level 03: < MechanismProperties > (Element 34)

ATTR: "AnonymousAuthentication" = "no"
ATTR: "AuthenticationSupported" = "yes"
ATTR: "AuthorizationSupported" = "no"
ATTR: "ConfidentialityDesired" = "yes"
ATTR: "CredentialIsUPN" = "yes"
ATTR: "CredentialUsage" = "0"
ATTR: "DefaultMechanism" = "no"
ATTR: "DefaultNegotiatingMechanism" = "no"
ATTR: "DelegateCredentials" = "yes"
ATTR: "DesiredContextTime" = ""
ATTR: "DesiredCredentialTime" = ""
ATTR: "IntegrityDesired" = "yes"
ATTR: "LdapBaseFQDN" = ""
ATTR: "LdapClientDebug" = "0"
ATTR: "LdapClientDeref" = "never"
ATTR: "LdapClientMechanism" = "SASL/DIGEST-MD5"
ATTR: "LdapClientRandomDevice" = "/dev/urandom"
ATTR: "LdapClientRebindAuth" = "yes"
ATTR: "LdapClientReferrals" = "off"
ATTR: "LdapClientSaslSecProps" = ""
ATTR: "LdapClientUseTls" = "no"
ATTR: "LdapGroupBaseFQDN" = ""
ATTR: "LdapServerName" = ""
ATTR: "LdapServerPort" = "389"
ATTR: "LdapServerRealm" = ""
ATTR: "LdapServiceFQDN" = ""
ATTR: "LdapServicePassword" = ""
ATTR: "LdapServicePasswordProtected" = "no"
ATTR: "LdapSystemFQDN" = ""
ATTR: "LdapUserBaseFQDN" = ""
ATTR: "MechanismEnabled" = "yes"
ATTR: "MechanismRank" = "65"
ATTR: "MutualAuthentication" = "yes"
ATTR: "NegotiationSupported" = "no"
ATTR: "OutOfSequenceDetection" = "yes"
ATTR: "ReplayDetection" = "yes"
ATTR: "SingleSignOnSupported" = "yes"
ATTR: "UseLdapConfig" = "no"

Level 03: < MechQop > (Element 35)

ATTR: "Value" = "0"
DATA: "GLOBAL_QOP_1"

Level 03: < NegotiatedMechanism > (Element 36)

ATTR: "Enable" = "yes"
ATTR: "ObjectId" = "1.2.840.113554.1.2.2"

Level 02: < Mechanism > (Element 12)

ATTR: "InterfaceType" = "custom"
ATTR: "LibraryName" = "gssp2proxy"
ATTR: "Name" = "PROXY"
ATTR: "ObjectId" = "1.3.6.1.4.1.28698.4.302.1.2"
ATTR: "Prefix" = "Proxy"

Level 03: < MechanismProperties > (Element 37)

ATTR: "AnonymousAuthentication" = "no"
ATTR: "AuthenticationSupported" = "yes"
ATTR: "AuthorizationSupported" = "no"
ATTR: "CACertDir" = ""
ATTR: "CACertFile" = ""
ATTR: "CertificateFile" = ""
ATTR: "ConfidentialityDesired" = "yes"
ATTR: "CredentialIsUPN" = "yes"
ATTR: "CredentialUsage" = "0"
ATTR: "DHKeyG" =
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
00000000000000000000000000000005
ATTR: "DHKeyG2048" =
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000005

ATTR: "DHKeyP" =
E4BE0A78F54C4A0B17E7E9249A78BCC08868C17281D8463C880937853E73DDC7
87E41580A8AFE2594D984C9E0814C590790354ECCD1BE8EA85961E5E0974B32E
FE178335F061E80189B4BDAA20F67B47
ATTR: "DHKeyP2048" =
8AB3F86E8D374B782F31DAD5F27D6AFDA30150C11A20CF6346712AE2D2C6B70A
5B79D45D4C0C232A065B207B121B2C33E147B5983C38A1087F272703B0B839CB
A6F71C5D0EB51EC890934EACF2C7DD2A1DF6F55E89B145A0359D35EF8FB6C561
E157B13FF927A35E69963648614902B1034EF71197F545DEF3236244EADAE068
9E624CF1245953630AE042BD797C4025E37C51D9F6CBDA0B2278FA7D5CA2D9CA
930BE2968330C811A4BA4D0845333C0D62E3EE742154F6B62F2951CD8C73C43B
5AA1C7819DEF1D7C9314411E465F8E4796666594AADE0AEB3F1256E5719E7AE5
4DD34FFDA949634E4A293C5BC60AF258BB9FE558086E83B3DD3D7491966DEE93
ATTR: "DefaultMechanism" = "no"
ATTR: "DefaultNegotiatingMechanism" = "no"
ATTR: "DelegateCredentials" = "no"
ATTR: "DesiredContextTime" = ""
ATTR: "DesiredCredentialTime" = ""
ATTR: "GenerateCredentialFromLogon" = "yes"
ATTR: "IntegrityDesired" = "yes"
ATTR: "MechanismEnabled" = "yes"
ATTR: "MechanismIgnoresQop" = "no"
ATTR: "MechanismRank" = "70"
ATTR: "MutualAuthentication" = "yes"
ATTR: "NegotiationSupported" = "no"
ATTR: "OutOfSequenceDetection" = "yes"
ATTR: "PrivateKeyFile" = ""
ATTR: "PrivateKeyPassword" = ""
ATTR: "PrivateKeyPasswordProtected" = "no"
ATTR: "ProxySupported" = "yes"
ATTR: "ReplayDetection" = "yes"
ATTR: "SigningHashAlgorithm" = "SHA256"
ATTR: "SingleSignOnSupported" = "no"
ATTR: "UseLdapConfig" = "no"

Level 03: < MechQop > (Element 38)

ATTR: "Value" = "0"
DATA: "GLOBAL_QOP_1"

Level 03: < MechQop > (Element 39)

ATTR: "Value" = "Default"
DATA: "AES-K128_GCM_PKCS5Padding_SHA2_DH-K2048 AES-K128_CBC_PKCS5Paddin
g_SHA1_DH-K2048 AES-K192_GCM_PKCS5Padding_SHA2_DH-K2048 AES-K192
_CBC_PKCS5Padding_SHA1_DH-K2048 AES-K256_GCM_PKCS5Padding_SHA2_D
H-K2048 AES-K256_CBC_PKCS5Padding_SHA1_DH-K2048"

Level 02: < Mechanism > (Element 13)

ATTR: "InterfaceType" = "negotiate"
ATTR: "LibraryName" = "gssp2tdnego"
ATTR: "Name" = "TDNEGO"
ATTR: "ObjectId" = "1.3.6.1.4.1.28698.4.302.1.3"
ATTR: "Prefix" = "TDNEGO"

Level 03: < MechanismProperties > (Element 40)

ATTR: "AuthenticationSupported" = "yes"
ATTR: "AuthorizationSupported" = "yes"
ATTR: "ConfidentialityDesired" = "yes"
ATTR: "CredentialIsUPN" = "yes"
ATTR: "DefaultMechanism" = "no"
ATTR: "DefaultNegotiatingMechanism" = "no"
ATTR: "DelegateCredentials" = "yes"
ATTR: "GenerateCredentialFromLogon" = "yes"
ATTR: "IntegrityDesired" = "yes"
ATTR: "MechanismEnabled" = "yes"
ATTR: "MechanismRank" = "10"
ATTR: "MutualAuthentication" = "yes"
ATTR: "NegotiationSupported" = "yes"
ATTR: "OutOfSequenceDetection" = "yes"
ATTR: "ReplayDetection" = "yes"
ATTR: "SingleSignOnSupported" = "yes"
ATTR: "UseLdapConfig" = "no"

Level 03: < NegotiatedMechanism > (Element 41)

ATTR: "Enable" = "yes"
ATTR: "ObjectId" = "1.2.840.113554.1.2.2"

Level 03: < NegotiatedMechanism > (Element 42)

ATTR: "Enable" = "yes"
ATTR: "ObjectId" = "1.3.6.1.5.5.2"

Level 03: < NegotiatedMechanism > (Element 43)

ATTR: "Enable" = "yes"
ATTR: "ObjectId" = "1.3.6.1.4.1.28698.4.302.1.4"

Level 03: < NegotiatedMechanism > (Element 44)

ATTR: "Enable" = "yes"
ATTR: "ObjectId" = "1.3.6.1.4.1.191.1.1012.1.20"

Level 03: < NegotiatedMechanism > (Element 45)

ATTR: "Enable" = "yes"
ATTR: "ObjectId" = "1.3.6.1.4.1.191.1.1012.1.1.9"

Level 01: < LdapConfig > (Element 3)

Level 02: < Tls > (Element 46)

ATTR: "LdapClientTlsCACert" = ""
ATTR: "LdapClientTlsCACertDir" = ""
ATTR: "LdapClientTlsCRLCheck" = "none"
ATTR: "LdapClientTlsCert" = ""
ATTR: "LdapClientTlsCipherSuite" = ""
ATTR: "LdapClientTlsKey" = ""
ATTR: "LdapClientTlsRandFile" = ""
ATTR: "LdapClientTlsReqCert" = "never"

Level 02: < Services > (Element 47)

Level 03: < Service > (Element 49)

ATTR: "Id" = "esrootdom"
ATTR: "LdapAllowUnsafeServerConnect" = "yes"
ATTR: "LdapBaseFQDN" = "dc=esrootdom,dc=esdev,dc=tdat"
ATTR: "LdapClientDebug" = "0"
ATTR: "LdapClientDeref" = "never"
ATTR: "LdapClientMechanism" = "simple"
ATTR: "LdapClientRandomDevice" = "/dev/urandom"
ATTR: "LdapClientRebindAuth" = "yes"
ATTR: "LdapClientReferrals" = "off"
ATTR: "LdapClientSaslSecProps" = ""
ATTR: "LdapClientUseTls" = "no"
ATTR: "LdapGroupBaseFQDN" = ""
ATTR: "LdapServerName" = "ldap://esroot.esrootdom.esdev.tdat:389/"
ATTR: "LdapServerPort" = "389"
ATTR: "LdapServerRealm" = ""
ATTR: "LdapServiceBindRequired" = "no"
ATTR: "LdapServiceFQDN" = "cn=drct01,ou=people,ou=testing,dc=esrootdom,dc=esdev,dc=tdat"
ATTR: "LdapServicePassword" = "secret"
ATTR: "LdapServicePasswordProtected" = "no"
ATTR: "LdapSystemFQDN" = "cn=end2end,cn=tdat,ou=testing,dc=esrootdom,dc=esdev,dc=tdat"
ATTR: "LdapUserBaseFQDN" = ""

Level 03: < Service > (Element 50)

ATTR: "Id" = "tdgs23"
ATTR: "LdapAllowUnsafeServerConnect" = "yes"
ATTR: "LdapBaseFQDN" = "dc=esrootdom,dc=esdev,dc=tdat"
ATTR: "LdapClientDebug" = "0"
ATTR: "LdapClientDeref" = "never"
ATTR: "LdapClientMechanism" = "simple"
ATTR: "LdapClientRandomDevice" = "/dev/urandom"
ATTR: "LdapClientRebindAuth" = "yes"
ATTR: "LdapClientReferrals" = "off"
ATTR: "LdapClientSaslSecProps" = ""
ATTR: "LdapClientUseTls" = "no"
ATTR: "LdapGroupBaseFQDN" = "dc=esrootdom,dc=esdev,dc=tdat"
ATTR: "LdapServerName" = "ldap://tdgss.esrootdom.esdev.tdat:389/"
ATTR: "LdapServerPort" = "389"
ATTR: "LdapServerRealm" = ""
ATTR: "LdapServiceBindRequired" = "no"
ATTR: "LdapServiceFQDN" = "cn=drct01,ou=people,ou=testing,dc=esrootdom,dc=esdev,dc=tdat"
ATTR: "LdapServicePassword" = "secret"
ATTR: "LdapServicePasswordProtected" = "no"
ATTR: "LdapSystemFQDN" = "cn=end2end,cn=tdat,ou=testing,dc=esrootdom,dc=esdev,dc=tdat"
ATTR: "LdapUserBaseFQDN" = "dc=esrootdom,dc=esdev,dc=tdat"

Level 03: < Service > (Element 51)

ATTR: "Id" = "s3"
ATTR: "LdapAllowUnsafeServerConnect" = "yes"
ATTR: "LdapBaseFQDN" = "dc=esrootdom,dc=esdev,dc=tdat"
ATTR: "LdapClientDebug" = "0"
ATTR: "LdapClientDeref" = "never"
ATTR: "LdapClientMechanism" = "simple"
ATTR: "LdapClientRandomDevice" = "/dev/urandom"
ATTR: "LdapClientRebindAuth" = "yes"
ATTR: "LdapClientReferrals" = "off"
ATTR: "LdapClientSaslSecProps" = ""
ATTR: "LdapClientUseTls" = "no"
ATTR: "LdapGroupBaseFQDN" = "dc=esrootdom,dc=esdev,dc=tdat"
ATTR: "LdapServerName" = "ldap://esroot.esrootdom.esdev.tdat:389/"
ATTR: "LdapServerPort" = "389"
ATTR: "LdapServerRealm" = ""
ATTR: "LdapServiceBindRequired" = "no"
ATTR: "LdapServiceFQDN" = "cn=drct01,ou=people,ou=testing,dc=esrootdom,dc=esdev,dc=tdat"
ATTR: "LdapServicePassword" = "secret"
ATTR: "LdapServicePasswordProtected" = "no"
ATTR: "LdapSystemFQDN" = "cn=end2end,cn=tdat,ou=testing,dc=esrootdom,dc=esdev,dc=tdat"
ATTR: "LdapUserBaseFQDN" = "dc=esrootdom,dc=esdev,dc=tdat"

Level 03: < Service > (Element 52)

ATTR: "Id" = "s4"
ATTR: "LdapAllowUnsafeServerConnect" = "yes"
ATTR: "LdapBaseFQDN" = "dc=esrootdom,dc=esdev,dc=tdat"
ATTR: "LdapClientDebug" = "0"
ATTR: "LdapClientDeref" = "never"
ATTR: "LdapClientMechanism" = "simple"
ATTR: "LdapClientRandomDevice" = "/dev/urandom"
ATTR: "LdapClientRebindAuth" = "yes"
ATTR: "LdapClientReferrals" = "off"
ATTR: "LdapClientSaslSecProps" = ""
ATTR: "LdapClientUseTls" = "no"
ATTR: "LdapGroupBaseFQDN" = "dc=esrootdom,dc=esdev,dc=tdat"
ATTR: "LdapServerName" = "ldap://tdgss.esrootdom.esdev.tdat:389/"
ATTR: "LdapServerPort" = "389"
ATTR: "LdapServerRealm" = ""
ATTR: "LdapServiceBindRequired" = "no"
ATTR: "LdapServiceFQDN" = "cn=drct01,ou=people,ou=testing,dc=esrootdom,dc=esdev,dc=tdat"
ATTR: "LdapServicePassword" = "secret"
ATTR: "LdapServicePasswordProtected" = "no"
ATTR: "LdapSystemFQDN" = "cn=end2end,cn=tdat,ou=testing,dc=esrootdom,dc=esdev,dc=tdat"
ATTR: "LdapUserBaseFQDN" = "dc=esrootdom,dc=esdev,dc=tdat"

Level 02: < Canonicalizations > (Element 48)

Level 03: < IdentitySearch > (Element 53)

ATTR: "Base" = "ou=testing,dc=esrootdom,dc=esdev,dc=tdat"
ATTR: "BindName" = "${result}"
ATTR: "DatabaseName" = "${0}"
ATTR: "Filter" = "(userPrincipalName=${1}@esrootdom.esdev.tdat)"
ATTR: "Match" = "td-(.+)"
ATTR: "Ref" = "tdgs23"
ATTR: "Scope" = "subtree"

Level 03: < IdentitySearch > (Element 54)

ATTR: "Base" = "ou=testing,dc=esrootdom,dc=esdev,dc=tdat"
ATTR: "BindName" = "${result}"
ATTR: "DatabaseName" = "${0}"
ATTR: "Filter" = "(userPrincipalName=${1}@esrootdom.esdev.tdat)"
ATTR: "Match" = "sd-(.+)"
ATTR: "Ref" = "s3"
ATTR: "Scope" = "subtree"

Level 03: < IdentitySearch > (Element 55)

ATTR: "Base" = "ou=testing,dc=esrootdom,dc=esdev,dc=tdat"
ATTR: "BindName" = "${result}"
ATTR: "DatabaseName" = "${0}"
ATTR: "Filter" = "(userPrincipalName=${1}@esrootdom.esdev.tdat)"
ATTR: "Match" = "es-(.+)"
ATTR: "Ref" = "s4"
ATTR: "Scope" = "subtree"

Level 03: < IdentitySearch > (Element 56)

ATTR: "Base" = "ou=testing,dc=esrootdom,dc=esdev,dc=tdat"
ATTR: "BindName" = "${result}"
ATTR: "DatabaseName" = "${0}"
ATTR: "Filter" = "(userPrincipalName=${1}@esrootdom.esdev.tdat)"
ATTR: "Match" = "(.+)"
ATTR: "Ref" = "esrootdom"
ATTR: "Scope" = "subtree"

Level 01: < LegalValues > (Element 4)

Level 02: < AlgorithmName > (Element 57)

ATTR: "AES" = "2"
ATTR: "Blowfish" = "1"
ATTR: "DH" = "5"
ATTR: "DIFFIE_HELLMAN" = "5"
ATTR: "MD5" = "3"
ATTR: "NONE" = "0"
ATTR: "SHA1" = "4"
ATTR: "SHA256" = "6"
ATTR: "SHA512" = "7"
DATA: ""

Level 02: < KeyLength > (Element 58)

ATTR: "K0" = "0"
ATTR: "K1024" = "1024"
ATTR: "K128" = "128"
ATTR: "K192" = "192"
ATTR: "K2048" = "2048"
ATTR: "K256" = "256"
ATTR: "K416" = "416"
ATTR: "K448" = "448"
ATTR: "K512" = "512"
DATA: ""

Level 02: < KeyLengthP > (Element 59)

ATTR: "K2048" = "2048"
DATA: ""

Level 02: < Mode > (Element 60)

ATTR: "CBC" = "1"
ATTR: "CCM" = "6"
ATTR: "CFB" = "2"
ATTR: "CTR" = "7"
ATTR: "ECB" = "3"
ATTR: "GCM" = "5"
ATTR: "NONE" = "0"
ATTR: "OFB" = "4"
DATA: ""

Level 02: < Padding > (Element 61)

ATTR: "NoPadding" = "0"
ATTR: "OAEPWithDIGESTAndMGFPadding" = "1"
ATTR: "PKCS1Padding" = "3"
ATTR: "PKCS5Padding" = "4"
ATTR: "SSL3Padding" = "5"
DATA: ""

Level 02: < InterfaceType > (Element 62)

DATA: "gss sspi teradata custom negotiate"

Level 02: < AlgorithmType > (Element 63)

DATA: "Confidentiality Integrity KeyExchange"

Level 02: < MechanismProperties > (Element 64)

ATTR: "AnonymousAuthentication" = "23"
ATTR: "AuthenticationSupported" = "2"
ATTR: "AuthorizationSupported" = "3"
ATTR: "CACertDir" = "65"
ATTR: "CACertFile" = "64"
ATTR: "CertificateFile" = "60"
ATTR: "ConfidentialityDesired" = "21"
ATTR: "CredentialIsUPN" = "67"
ATTR: "CredentialUsage" = "26"
ATTR: "DHKeyG" = "101"
ATTR: "DHKeyG2048" = "103"
ATTR: "DHKeyP" = "100"
ATTR: "DHKeyP2048" = "102"
ATTR: "DefaultMechanism" = "16"
ATTR: "DefaultNegotiatingMechanism" = "112"
ATTR: "DelegateCredentials" = "18"
ATTR: "DesiredContextTime" = "24"
ATTR: "DesiredCredentialTime" = "25"
ATTR: "GenerateCredentialFromLogon" = "41"
ATTR: "IntegrityDesired" = "22"
ATTR: "JWTDecryptionKeyFile" = "114"
ATTR: "JWTSkewTime" = "116"
ATTR: "JWTVerificationKeyFile" = "115"
ATTR: "LdapAllowUnsafeServerConnect" = "57"
ATTR: "LdapBaseFQDN" = "32"
ATTR: "LdapClientDebug" = "38"
ATTR: "LdapClientDeref" = "37"
ATTR: "LdapClientMechanism" = "43"
ATTR: "LdapClientRandomDevice" = "40"
ATTR: "LdapClientRebindAuth" = "39"
ATTR: "LdapClientReferrals" = "36"
ATTR: "LdapClientSaslSecProps" = "56"
ATTR: "LdapClientTlsCACert" = "47"
ATTR: "LdapClientTlsCACertDir" = "48"
ATTR: "LdapClientTlsCRLCheck" = "54"
ATTR: "LdapClientTlsCert" = "49"
ATTR: "LdapClientTlsCipherSuite" = "53"
ATTR: "LdapClientTlsKey" = "50"
ATTR: "LdapClientTlsRandFile" = "51"
ATTR: "LdapClientTlsReqCert" = "52"
ATTR: "LdapClientUseTls" = "45"
ATTR: "LdapGroupBaseFQDN" = "34"
ATTR: "LdapServerName" = "28"
ATTR: "LdapServerPort" = "29"
ATTR: "LdapServerRealm" = "30"
ATTR: "LdapServiceBindRequired" = "44"
ATTR: "LdapServiceFQDN" = "46"
ATTR: "LdapServicePassword" = "42"
ATTR: "LdapServicePasswordFile" = "117"
ATTR: "LdapServicePasswordProtected" = "55"
ATTR: "LdapSystemFQDN" = "31"
ATTR: "LdapUserBaseFQDN" = "35"
ATTR: "MechanismEnabled" = "1"
ATTR: "MechanismIgnoresQop" = "111"
ATTR: "MechanismRank" = "17"
ATTR: "MutualAuthentication" = "19"
ATTR: "NegotiationSupported" = "113"
ATTR: "OutOfSequenceDetection" = "33"
ATTR: "PrivateKeyFile" = "61"
ATTR: "PrivateKeyPassword" = "62"
ATTR: "PrivateKeyPasswordProtected" = "63"
ATTR: "ProxySupported" = "59"
ATTR: "ReplayDetection" = "20"
ATTR: "SigningHashAlgorithm" = "66"
ATTR: "SingleSignOnSupported" = "8"
ATTR: "TeradataKeyTab" = "110"
ATTR: "UseLdapConfig" = "58"
ATTR: "VerifyDHKey" = "27"
DATA: ""

Level 02: < ConfigFileType > (Element 65)

DATA: "Library User"

Level 01: < GlobalQOPs > (Element 5)

Level 02: < GlobalQOP > (Element 66)

ATTR: "ConfidentialityAlgorithm" = "Blowfish"
ATTR: "IntegrityAlgorithm" = "NONE"
ATTR: "KeyExchangeAlgorithm" = "DH"
ATTR: "KeyLength" = "K128"
ATTR: "KeyLengthP" = "K2048"
ATTR: "Mode" = "ECB"
ATTR: "Padding" = "NoPadding"
ATTR: "Value" = "GLOBAL_QOP_0"

Level 02: < GlobalQOP > (Element 67)

ATTR: "ConfidentialityAlgorithm" = "AES"
ATTR: "IntegrityAlgorithm" = "SHA1"
ATTR: "KeyExchangeAlgorithm" = "DH"
ATTR: "KeyLength" = "K128"
ATTR: "KeyLengthP" = "K2048"
ATTR: "Mode" = "OFB"
ATTR: "Padding" = "PKCS5Padding"
ATTR: "Value" = "GLOBAL_QOP_1"

Level 02: < GlobalQOP > (Element 68)

ATTR: "ConfidentialityAlgorithm" = "AES"
ATTR: "IntegrityAlgorithm" = "SHA1"
ATTR: "KeyExchangeAlgorithm" = "DH"
ATTR: "KeyLength" = "K128"
ATTR: "KeyLengthP" = "K2048"
ATTR: "Mode" = "CBC"
ATTR: "Padding" = "PKCS5Padding"
ATTR: "Value" = "AES-K128_CBC_PKCS5Padding_SHA1_DH-K2048"

Level 02: < GlobalQOP > (Element 69)

ATTR: "ConfidentialityAlgorithm" = "AES"
ATTR: "IntegrityAlgorithm" = "SHA1"
ATTR: "KeyExchangeAlgorithm" = "DH"
ATTR: "KeyLength" = "K192"
ATTR: "KeyLengthP" = "K2048"
ATTR: "Mode" = "CBC"
ATTR: "Padding" = "PKCS5Padding"
ATTR: "Value" = "AES-K192_CBC_PKCS5Padding_SHA1_DH-K2048"

Level 02: < GlobalQOP > (Element 70)

ATTR: "ConfidentialityAlgorithm" = "AES"
ATTR: "IntegrityAlgorithm" = "SHA1"
ATTR: "KeyExchangeAlgorithm" = "DH"
ATTR: "KeyLength" = "K256"
ATTR: "KeyLengthP" = "K2048"
ATTR: "Mode" = "CBC"
ATTR: "Padding" = "PKCS5Padding"
ATTR: "Value" = "AES-K256_CBC_PKCS5Padding_SHA1_DH-K2048"

Level 02: < GlobalQOP > (Element 71)

ATTR: "ConfidentialityAlgorithm" = "AES"
ATTR: "IntegrityAlgorithm" = "SHA256"
ATTR: "KeyExchangeAlgorithm" = "DH"
ATTR: "KeyLength" = "K128"
ATTR: "KeyLengthP" = "K2048"
ATTR: "Mode" = "GCM"
ATTR: "Padding" = "PKCS5Padding"
ATTR: "Value" = "AES-K128_GCM_PKCS5Padding_SHA2_DH-K2048"

Level 02: < GlobalQOP > (Element 72)

ATTR: "ConfidentialityAlgorithm" = "AES"
ATTR: "IntegrityAlgorithm" = "SHA256"
ATTR: "KeyExchangeAlgorithm" = "DH"
ATTR: "KeyLength" = "K192"
ATTR: "KeyLengthP" = "K2048"
ATTR: "Mode" = "GCM"
ATTR: "Padding" = "PKCS5Padding"
ATTR: "Value" = "AES-K192_GCM_PKCS5Padding_SHA2_DH-K2048"

Level 02: < GlobalQOP > (Element 73)

ATTR: "ConfidentialityAlgorithm" = "AES"
ATTR: "IntegrityAlgorithm" = "SHA256"
ATTR: "KeyExchangeAlgorithm" = "DH"
ATTR: "KeyLength" = "K256"
ATTR: "KeyLengthP" = "K2048"
ATTR: "Mode" = "GCM"
ATTR: "Padding" = "PKCS5Padding"
ATTR: "Value" = "AES-K256_GCM_PKCS5Padding_SHA2_DH-K2048"

Level 02: < GlobalQOP > (Element 74)

ATTR: "ConfidentialityAlgorithm" = "AES"
ATTR: "IntegrityAlgorithm" = "SHA256"
ATTR: "KeyExchangeAlgorithm" = "DH"
ATTR: "KeyLength" = "K128"
ATTR: "KeyLengthP" = "K2048"
ATTR: "Mode" = "CCM"
ATTR: "Padding" = "PKCS5Padding"
ATTR: "Value" = "AES-K128_CCM_PKCS5Padding_SHA2_DH-K2048"

Level 02: < GlobalQOP > (Element 75)

ATTR: "ConfidentialityAlgorithm" = "AES"
ATTR: "IntegrityAlgorithm" = "SHA256"
ATTR: "KeyExchangeAlgorithm" = "DH"
ATTR: "KeyLength" = "K192"
ATTR: "KeyLengthP" = "K2048"
ATTR: "Mode" = "CCM"
ATTR: "Padding" = "PKCS5Padding"
ATTR: "Value" = "AES-K192_CCM_PKCS5Padding_SHA2_DH-K2048"

Level 02: < GlobalQOP > (Element 76)

ATTR: "ConfidentialityAlgorithm" = "AES"
ATTR: "IntegrityAlgorithm" = "SHA256"
ATTR: "KeyExchangeAlgorithm" = "DH"
ATTR: "KeyLength" = "K256"
ATTR: "KeyLengthP" = "K2048"
ATTR: "Mode" = "CCM"
ATTR: "Padding" = "PKCS5Padding"
ATTR: "Value" = "AES-K256_CCM_PKCS5Padding_SHA2_DH-K2048"

Level 02: < GlobalQOP > (Element 77)

ATTR: "ConfidentialityAlgorithm" = "AES"
ATTR: "IntegrityAlgorithm" = "SHA256"
ATTR: "KeyExchangeAlgorithm" = "DH"
ATTR: "KeyLength" = "K128"
ATTR: "KeyLengthP" = "K2048"
ATTR: "Mode" = "CTR"
ATTR: "Padding" = "PKCS5Padding"
ATTR: "Value" = "AES-K128_CTR_PKCS5Padding_SHA2_DH-K2048"

Level 02: < GlobalQOP > (Element 78)

ATTR: "ConfidentialityAlgorithm" = "AES"
ATTR: "IntegrityAlgorithm" = "SHA256"
ATTR: "KeyExchangeAlgorithm" = "DH"
ATTR: "KeyLength" = "K192"
ATTR: "KeyLengthP" = "K2048"
ATTR: "Mode" = "CTR"
ATTR: "Padding" = "PKCS5Padding"
ATTR: "Value" = "AES-K192_CTR_PKCS5Padding_SHA2_DH-K2048"

Level 02: < GlobalQOP > (Element 79)

ATTR: "ConfidentialityAlgorithm" = "AES"
ATTR: "IntegrityAlgorithm" = "SHA256"
ATTR: "KeyExchangeAlgorithm" = "DH"
ATTR: "KeyLength" = "K256"
ATTR: "KeyLengthP" = "K2048"
ATTR: "Mode" = "CTR"
ATTR: "Padding" = "PKCS5Padding"
ATTR: "Value" = "AES-K256_CTR_PKCS5Padding_SHA2_DH-K2048"



Do you want to select another configuration file? (y/n): n