TDGSS LdapServerRealm Property | Teradata Vantage - 17.10 - LdapServerRealm [Deprecated] - Advanced SQL Engine - Teradata Database

Teradata Vantage™ - Advanced SQL Engine Security Administration

Product
Advanced SQL Engine
Teradata Database
Release Number
17.10
Release Date
July 2021
Content Type
Administration
Security
Publication ID
B035-1100-171K
Language
English (United States)
This property is only used with DIGEST-MD5 binding.
The DIGEST-MD5 authentication protocol used by LDAP is deprecated. Teradata strongly recommends you use simple binding with TLS protection, and stop using DIGEST-MD5.

If the directory offers more than one realm and the system uses DIGEST-MD5 binding, you must use this property to identify the default SASL realm that the directory server should use for authentication. The system ignores this property if it uses simple binding.

If a user specifies a realm in the logon string, in the form .logdata realm=realm, the logon specification overrides the setting for this property.

Directory users that log on to Teradata Vantage must inhabit the specified realm.

Valid Settings

  • “” (default), that is, the property does not specify a realm
  • A valid SASL realm that the authenticating directory server offers

Editing Guidelines

  • If the directory server offers multiple SASL realms, you must set the value of this property to identify the default realm name.
  • Edit this property on database nodes and on the Unity server, if used. Also see Coordinating Mechanism Property Values for Unity.
  • If the directory offers only one realm, you do not need to set a value.