17.10 - Example: ktpass Commands for a Two Node Setup - Advanced SQL Engine - Teradata Database

Teradata Vantage™ - Advanced SQL Engine Security Administration

Product
Advanced SQL Engine
Teradata Database
Release Number
17.10
Release Date
July 2021
Content Type
Administration
Security
Publication ID
B035-1100-171K
Language
English (United States)

The following example shows the ktpass commands that set up a Teradata Vantage system that contains two nodes, node tdatsysa1-1 and tdatsysa1-2.

ktpass command for node tdatsysa1-1:

ktpass -princ TERADATA/tdatsysa1-1.corp.teradata.com@CORP.TERADATA.COM
-mapuser tdatsysa1-1 -pass a$2Tya3 -ptype KRB5_NT_PRINCIPAL -out  domain_name.sys_name.keytab

ktpass command for node tdatsysa1-2:

ktpass -princ TERADATA/tdatsysa1-2.corp.teradata.com@CORP.TERADATA.COM
-mapuser tdatsysa1-2 -pass a$2Tya3 -ptype KRB5_NT_PRINCIPAL -out
domain_name.sys_name.keytab –in  domain_name.sys_name.keytab 
If your system resides in multiple domains, you must generate separate keytab files with unique file names for the Active Directory KDC in each domain. Make a list of the files for use in Installing the Kerberos Keys.

For systems with more than two nodes, you may find it more efficient to incorporate the ktpass commands into a script.