17.10 - Supporting Mechanisms - Advanced SQL Engine - Teradata Database

Teradata Vantage™ - Advanced SQL Engine Security Administration

Product
Advanced SQL Engine
Teradata Database
Release Number
17.10
Release Date
July 2021
Content Type
Administration
Security
Publication ID
B035-1100-171K
Language
English (United States)

The following table shows which mechanisms support each property.

  • Editable means the mechanism supports the property and the setting for the property may be edited.
  • Keep Default means the mechanism supports the property, but do not change the default setting for the property.
  • A blank cell means the mechanism does not support the property; for example, TD2 does not support the AuthenticationSupported property.
    • If no mechanisms for a property are selected, the property does not have any supporting mechanisms, is reserved for future use, or is unused. See the section for the specific property for details.
Teradata recommends viewing the Editing Guidelines for each property.
Basic Functional Properties JWT KRB5 LDAP PROXY SPNEGO TDNEGO TD2
AuthenticationSupported Keep Default Keep Default Keep Default Keep Default Keep Default Keep Default  
AuthorizationSupported   Editable Editable   Editable Keep Default  
GenerateCredentialFromLogon   Keep Default Keep Default Keep Default   Keep Default Keep Default
NegotiationSupported         Keep Default Keep Default  
SingleSignOnSupported   Keep Default     Keep Default Keep Default  
Confidentiality Properties JWT KRB5 LDAP PROXY SPNEGO TDNEGO TD2
DHKeyP and DHKeyG Editable   Editable Editable     Editable
VerifyDHKey             Editable
Directory Identification and Search Properties JWT KRB5 LDAP PROXY SPNEGO TDNEGO TD2
LdapBaseFQDN [Deprecated]   Editable Editable        
LdapClientDebug   Keep Default Keep Default        
LdapClientDeref   Keep Default Keep Default      
LdapClientRebindAuth   Editable Editable        
LdapClientReferrals   Editable Editable        
LdapCredentialIsUPN     Editable        
LdapGroupBaseFQDN   Editable Editable        
LdapServerName   Editable Editable        
LdapServerPort [Deprecated] [Deprecated]              
LdapServerRealm [Deprecated]   Editable Editable        
LdapSystemFQDN   Editable Editable        
LdapUserBaseFQDN   Editable Editable        
UseLdapConfig   Editable Editable        
JWT Support Properties JWT KRB5 LDAP PROXY SPNEGO TDNEGO TD2
JWTClientTlsCACertDir Editable            
JWTClientUseTls Editable            
JWTDecryptionKeyFile Editable            
JWTDynamicKey Editable            
JWTKeyCacheRefreshTime Editable            
JWTKeyDirectory Editable            
JWTRestAPIMaxTimeAllowed Editable            
JWTRestAPITimeLimit Editable            
JWTSkewTime Editable            
JWTTokenExchange Editable            
JWTVerificationKeyFile Editable            
LDAP Binding Properties JWT KRB5 LDAP PROXY SPNEGO TDNEGO TD2
LdapClientMechanism     Editable        
LdapServiceBindRequired     Editable        
LdapServiceFQDN   Editable Editable        
LdapServicePassword   Editable Editable        
LdapServicePasswordFile   Editable Editable        
LdapServicePasswordProtected   Editable Editable        
LDAP Policy Properties JWT KRB5 LDAP PROXY SPNEGO TDNEGO TD2
LdapNetworkBaseFQDN (configured in <LdapConfig> section in TdgssUserConfigFile.xml)              
LdapPolicyFQDN     Editable        
MechanismIgnoreQOP Keep Default Keep Default Keep Default Keep Default Keep Default   Keep Default
LDAP Protection Properties JWT KRB5 LDAP PROXY SPNEGO TDNEGO TD2
LdapAllowUnsafeServerConnect   Editable Editable        
LdapClientTlsCACert   Editable Editable        
LdapClientTlsCACertDir   Editable Editable        
LdapClientTlsCert   Editable Editable        
LdapClientTlsCipherSuite   Editable Editable        
LdapClientTlsCRLCheck   Editable Editable        
LdapClientTlsKey   Editable Editable        
LdapClientTlsRandFile   Editable Editable        
LdapClientTlsReqCert   Editable Editable        
LdapClientSASLSecProps     Editable        
LdapClientUseTLS   Editable Editable        
Mechanism Status Properties JWT KRB5 LDAP PROXY SPNEGO TDNEGO TD2
DefaultMechanism Editable Editable Editable   Editable Editable Editable
DefaultNegotiatingMechanism         Keep Default Editable  
MechanismEnabled Editable Editable Editable Editable Editable Editable Editable
MechanismRank   Editable Editable   Editable Editable Editable
Operational Properties JWT KRB5 LDAP PROXY SPNEGO TDNEGO TD2
AnonymousAuthentication (Reserved for future use)              
ConfidentialityDesired Keep Default Keep Default Keep Default Keep Default Keep Default Keep Default Keep Default
CredentialUsage Keep Default Keep Default Keep Default Keep Default Keep Default   Keep Default
DelegateCredentials (unused)              
DesiredContextTime (Reserved for future use)              
DesiredCredentialTime (Reserved for future use)              
IntegrityDesired Keep Default Keep Default Keep Default Keep Default Keep Default Keep Default Keep Default
MutualAuthentication   Editable     Editable Keep Default  
OutOfSequenceDetection Keep Default Keep Default   Keep Default Keep Default Keep Default  
ReplayDetection Keep Default Keep Default   Keep Default Keep Default Keep Default  
TeradataKeyTab   Editable          
Unity Support Properties JWT KRB5 LDAP PROXY SPNEGO TDNEGO TD2
CACertDir       Editable      
CACertFile       Editable      
CertificateFile       Editable      
PrivateKeyFile       Editable      
PrivateKeyPassword       Editable      
PrivateKeyPasswordProtected       Editable      
ProxySupported       Keep Default      
SigningHashAlgorithm       Editable