TDGSS LdapClientUseTLS Property | Teradata Vantage - 17.10 - LdapClientUseTLS - Advanced SQL Engine - Teradata Database

Teradata Vantage™ - Advanced SQL Engine Security Administration

Product
Advanced SQL Engine
Teradata Database
Release Number
17.10
Release Date
July 2021
Content Type
Administration
Security
Publication ID
B035-1100-171K
Language
English (United States)

The LdapClientUseTls property specifies whether TLS protection is enabled. Teradata strongly recommends TLS protection when you use simple binds, including service binds.

This property must be set to yes to enable use of advanced TLS capabilities, such as certificate chain verification or mutual authentication.

Valid Settings

Setting Description
yes TLS protection is enabled
no (default) TLS protection is not enabled

Editing Guidelines

  • To set a value, you must manually add this property to the TDGSS configuration file for the needed mechanism(s). See About Editing Configuration Files.
  • Set the LdapClientUseTls property to yes to protect passwords on systems that use simple binds, including service binds. For information on binding, see LDAP Binding Options.
  • If you decide to use TLS protection, edit this property for all mechanisms that have the AuthorizationSupported property set to yes.
  • Edit this property on the database and on Unity, if used. Also see Coordinating Mechanism Property Values for Unity.

For detailed procedures on configuring TLS options, see Using TLS with a Directory Server.