Configuring Site-Aware SRV Resource Records in TDGSS - Analytics Database - Teradata Vantage

Security Administration

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2024-04-05
dita:mapPath
hjo1628096075471.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
zuy1472246340572
lifecycle
latest
Product Category
Teradata Vantage™

You can configure the authentication mechanism for site-aware selection of a local directory by editing the LdapServerName property to a DNS SRV RR formatted site name, for example:

<Mechanism Name="ldap">
  <MechanismProperties
     MechanismEnabled="yes"
     AuthorizationSupported="no"
     ...
     LdapClientMechanism="simple"
     LdapServerName="_ldap._tcp.SantaDominDiv._sites.domain1.com"
     ...
  />
</Mechanism>
Configuration Option Description
<Mechanism Name="ldap"> Site awareness requires directory authentication of the user, using the LDAP mechanism.
MechanismEnabled="yes" The LDAP mechanism must be enabled.
AuthorizationSupported="no" Site awareness functions whether or not the directory authorizes the user.
LdapClientMechanism="simple" The example is for a system using simple binding.
LdapServerName="_ldap._tcp.SantaDominDiv._sites.domain1.com" This setting requires a DNS SRV RR formatted site name, which identifies the local site directories available to authenticate the user.
In addition to performing the TDGSS configuration shown, if the DNS service for the domain in which the database resides is not the one where Active Directory registers its site-aware DNS SRV RRs (that is, a “foreign” service), then you must also manually configure the site-aware SRV RRs in the foreign DNS service.

For DNS SRV RR configuration instructions, see LdapServerName.

When you configure the LdapServerName property for site awareness, the authenticating mechanism selects a directory at random from among the available local directories for the site.