17.10 - Example: ktpass Commands for a Two Node Setup - Advanced SQL Engine - Teradata Database

Teradata Vantage™ - Advanced SQL Engine Security Administration

Advanced SQL Engine
Teradata Database
Release Number
Release Date
July 2021
Content Type
Publication ID
English (United States)

The following example shows the ktpass commands that set up a Teradata Vantage system that contains two nodes, node tdatsysa1-1 and tdatsysa1-2.

ktpass command for node tdatsysa1-1:

ktpass -princ TERADATA/tdatsysa1-1.corp.teradata.com@CORP.TERADATA.COM
-mapuser tdatsysa1-1 -pass a$2Tya3 -ptype KRB5_NT_PRINCIPAL -out  domain_name.sys_name.keytab

ktpass command for node tdatsysa1-2:

ktpass -princ TERADATA/tdatsysa1-2.corp.teradata.com@CORP.TERADATA.COM
-mapuser tdatsysa1-2 -pass a$2Tya3 -ptype KRB5_NT_PRINCIPAL -out
domain_name.sys_name.keytab –in  domain_name.sys_name.keytab 
If your system resides in multiple domains, you must generate separate keytab files with unique file names for the Active Directory KDC in each domain. Make a list of the files for use in Installing the Kerberos Keys.

For systems with more than two nodes, you may find it more efficient to incorporate the ktpass commands into a script.