LDAP for Multiple Directory Services | Teradata Vantage - 17.10 - Implementation Overview - Advanced SQL Engine - Teradata Database

Teradata Vantage™ - Advanced SQL Engine Security Administration

Product
Advanced SQL Engine
Teradata Database
Release Number
17.10
Release Date
July 2021
Content Type
Administration
Security
Publication ID
B035-1100-171K
Language
English (United States)
  1. Make a backup copy of the TdgssUserConfigFile.xml file.
  2. Revise TdgssUserConfigFile.xml to include the elements and properties required to support authentication using multiple directory services. See Adding Multiple Directory Services to the TDGSS Configuration.
  3. Verify the configuration is correct:
    1. Run tdgsstestcfg to test the configuration. It launches a test environment in a new shell that contains the updates to the configuration file.
      /opt/teradata/tdgss/bin/tdgsstestcfg
    2. Run the tdgssauth utility to test the new configuration before you commit the changes to the TDGSSCONFIG GDO.

      See Working with tdgssauth.

    3. Exit the test shell:
      exit
    4. Continue editing and testing until the configuration is correct.
  4. Run the run_tdgssconfig utility to update the TDGSSCONFIG GDO.
  5. If run_tdgssconfig indicates that a TPA reset is required, run tpareset.
    tpareset “use updated TDGSSCONFIG GDO”
  6. If users log on through Unity, duplicate the configuration on the Unity server and all connected database systems. See Using <LdapConfig> with Unity.
  7. Configure Teradata directory objects and make directory user mappings in each authenticating directory, based on the directory features used.