You must create a Kerberos principal and password for each node on each Teradata Vantage system, that is served by the MIT Kerberos Linux KDC.
Use the addprinc command to create the principal and password, for example, for a node:
kadmin.local: addprinc TERADATA/principal_name.esrootdom.esdev.tdat WARNING: no policy specified for TERADATA/principal_name.esrootdom.esdev.tdat@UNIX.ESROOTDOM.ESDEV.TDAT; defaulting to no policy Enter password for principal "TERADATA/principal_name.esrootdom.esdev.tdat@UNIX.ESROOTDOM.ESDEV.TDAT": Re-enter password for principal "TERADATA/principal_name.esrootdom.esdev.tdat@UNIX.ESROOTDOM.ESDEV.TDAT": Principal "TERADATA/principal_name.esrootdom.esdev.tdat@ UNIX.ESROOTDOM.ESDEV.TDAT" created.
- principal_name.esrootdom.esdev.tdat
- The FQDN of a Teradata Vantage node.
UNIX.ESROOTDOM.ESDEV.TDAT is the Kerberos realm in which the Vantage node principals are being added.
The string TERADATA/principal_name.esrootdom.esdev.tdat@UNIX.ESROOTDOM.ESDEV.TDAT, used to represent the principal, also constitutes the SPN for the principal. The SPN is used later in Creating the Kerberos Keys and Installing the Kerberos Keys to uniquely identify the keys.