17.10 - Determining the SPN for Each Node and Unity Server - Advanced SQL Engine - Teradata Database

Teradata Vantage™ - Advanced SQL Engine Security Administration

Product
Advanced SQL Engine
Teradata Database
Release Number
17.10
Release Date
July 2021
Content Type
Administration
Security
Publication ID
B035-1100-171K
Language
English (United States)

Teradata Vantage clients use Service Principal Names (SPNs) to specify the Vantage node or Unity server to which they want to connect.

SPNs use the following format:

service_name/instance@realm
service_name
Requests the service, that is, a Teradata Vantage or Unity server.
Example: TERADATA
instance
Specifies the Fully Qualified Domain Name (FQDN) for a database node or Unity server, composed of:
The domain information can include one or more additional sub-domain specifications if required to uniquely locate the node or Unity server.
Examples:
  • tdatsysa1-1.corp.teradata.com
  • unity1.corp.teradata.com
realm
The name of the Kerberos realm containing the node or Unity server.
The realm information must match the Windows domain exactly including case.

The realm specified for this term can include one or more additional sub-realm specifications if required to uniquely identify the realm.

Example: CORP.TERADATA.COM
Determine the SPNs for all nodes and Unity servers defined in step 4 of Creating a Computer Component for Database Nodes and Unity Server, for all Teradata Vantage systems and Unity servers served by the KDC. Retain the SPN information for use in Running ktpass to Create the Kerberos Keys.