The following security administration tools are included with the installation of TDGSS.
Tool | Description |
---|---|
dumpcfg | Allows you to view the TDGSS or TeraGSS configuration settings. These settings are stored in tdgssconfig.gdo, a binary-format globally distributed object file used by the database, or a flat file named tdgssconfig.bin for Unity or TTU clients. See Using the dumpcfg Utility to Check the Current Configuration. |
ipdir2bin | Adds directory-based IP restrictions to the IP GDO. See Enabling Directory-Based IP Restrictions with the ipdir2bin Utility. |
ipxml2bin | Adds XML based IP restrictions to the IP GDO. See Enabling XML-Based IP Restrictions with the ipxml2bin Utility. |
ldapadd | Standard LDAP tool used to add objects to the directory. See the sections beginning with Creating the Top-Level Objects in the DIT. |
ldapmodify | Used when adding Teradata schema extensions to a directory. See Installing Teradata Schema Extensions in a Certified Directory. |
ldapsearch | Used when testing directory access to find directory objects, such as a user or the RootDSE Object. See ldapsearch. |
nodenames | Obtains the list of host names that are used when generating signed certificates. Used by and with tlsutil. See nodenames Utility. |
run_tdgssconfig | Required by Unity to enable edits to TdgssUnityConfig.xml, for example, when you add a new mechanism or configure a mechanism property. See Making Changes to TdgssUserConfigFile.xml on Database Nodes. Note that TdgssUnityConfig.xml has the exact same format as TdgssUserConfigFile.xml, but is used specifically for Unity configuration. |
tdgssauth | Test and verify that security mechanism configurations are valid before bringing them live. You can use it with LDAP, Kerberos, and TDNEGO on Unity servers and Advanced SQL Engine nodes. |
tdgssgetinfo | Collects and displays information used to determine the health of the TDGSS or TeraGSS installed on the system. See tdgssgetinfo. |
tdsbind | Deprecated. Teradata recommends using tdgssauth instead of tdsbind.
|
tdspolicy | Identifies security policy restrictions that apply to a specified user, profile, and IP address. See Investigating Security Policy Assignments. tdgssauth can be used instead of tdspolicy.
|
tdspasswd | Generates and stores passwords in encrypted form:
|
tdgsstestcfg | Tests that TdgssUserConfigFile.xml changes are valid before making them permanent with run_tdgssconfig. See Working with tdgsstestcfg. |
tlsutil | Creates and installs signed certificates and private keys on SQL Engine. Used for TLS configuration. See tlsutil. |