TDNEGO Negotiation - Analytics Database - Teradata Vantage

Security Administration

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2023-11-02
dita:mapPath
hjo1628096075471.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
zuy1472246340572
lifecycle
latest
Product Category
Teradata Vantage™

TDNEGO is the only negotiating mechanism that Teradata Vantage supports. You can configure TDNEGO to choose from one or more logon authentication mechanisms for client access.

SPNEGO can be negotiated by TDNEGO for clients using Kerberos with the .NET framework.

TDGSS also allows you to set a non-negotiated mechanism, which is TD2 by default. The non-negotiated mechanism is tried if protocol negotiations fail. See information about the DefaultMechanism setting in the TdgssUserConfigFile.xml.

If the database server and the client cannot find a common mechanism, the logon request is denied, and the logon fails.

In most cases, negotiations are initiated by the client logon request. If the client does not specify an authentication protocol, TDNEGO uses the default mechanism of the database server.

If you need to modify the TDNEGO configuration, the best practice is to modify the configuration on the database server. If you must modify the TDNEGO configuration on the client, install the Teradata GSS Administrative Package on the client. For more information, see Teradata GSS Administrative Package.