Procedure to Install Schema Extensions - Analytics Database - Teradata Vantage

Security Administration

Deployment: VantageCloud, VantageCore
Edition: Enterprise, IntelliFlex, VMware
Product: Analytics Database, Teradata Vantage
Release Number: 17.20
Published: June 2022
Language: English (United States)
Last Update: 2024-04-05
  1. From the TDGSS/bin directory, use ldapmodify to run the schema installation script:
    #!/bin/sh
    #
    # usage: loadschema server
    #
    # Require exactly one argument: the directory server name.
    if [ $# != 1 ]; then
      echo "Wrong # args"
      echo "usage: $0 server"
      exit 1
    fi
    cd /opt/teradata/tdgss/etc
    # Read the schema naming context from the server's root DSE.
    SNC=`ldapsearch -H ldap://$1 -b "" -s base schemanamingcontext | \
         grep -i schemanamingcontext | \
         cut -d' ' -f2`
    if [ "$SNC" = "" ]; then
      echo "Schema naming context not found on server $1"
      exit 1
    fi
    # Substitute the server's schema naming context into the schema files
    # and load them. Replace admin_DN with the DN of the administrative user.
    cat tdat.actdir.schema ipfilter.actdir.schema policy.actdir.schema | \
      sed -e "s/CN=Schema/$SNC/" | \
      ldapmodify -c -H ldap://$1 -x -D admin_DN -W -Z

    where the ldapmodify syntax operates as follows:

    Syntax Element    Explanation
    server            Names an Active Directory, ADAM, or AD LDS directory server where the schema extensions are loaded.
    -c                Causes ldapmodify to ignore errors and keep running.
    -H ldap://$1      Specifies the LDAP server naming convention according to binding type:
                      • For TLS protection (requires concurrent use of the -Z option): ldap://server/
    -x                Requests simple binding.
    -D admin_DN       Specifies the DN of a user with administrative privileges in the directory.
    -W                Causes ldapmodify to prompt for the password of the user identified in -D.
    -Z                Requests TLS protection and requires a successful response before continuing.
  2. The system prompts for the directory password of the user running the ldapmodify command. Enter the password.

You can use the script as shown based on the following assumptions:

  • The Teradata GSS server package, which includes the tdat.actdir.schema file, has already been installed on the Teradata Vantage nodes.
  • The administrator specified in the script must have the required access privileges.
  • Active Directory/ADAM is running on Windows 2003 or later.
  • If you have already installed the base schema and only want to add the IP restriction schema or the security policy schema, omit the tdat.actdir.schema.

To use the script to install the schema from Teradata Vantage to Active Directory, ADAM, or AD LDS running on a system (for example, system esroot), do the following:

  1. From the Vantage command prompt, after pasting in the install script, run the script by entering:
    ./loadschema esroot
  2. The administrator is prompted for a password.
    With simple binding you must include a -W specification to initiate a password prompt. The password you submit must be the correct password for the username shown in the script.
  3. The system then returns the following output, showing that the Teradata schema extensions are installed in the directory:
    The following output is not complete. It was edited to provide a brief example of what you would see at the completion of schema installation.
    adding entry "cn=tdatProfileMember,CN=Schema,CN=Configuration,
    DC=esrootdom,DC=esdev,DC=tdat"
    adding entry "cn=tdatProfileMemberOf,CN=Schema,CN=Configuration,
    DC=esrootdom,DC=esdev,DC=tdat"
    ...snipped...
    adding entry "cn=tdatUser,CN=Schema,CN=Configuration,
    DC=esrootdom,DC=esdev,DC=tdat"
    adding entry "cn=tdatRole,CN=Schema,CN=Configuration,
    DC=esrootdom,DC=esdev,DC=tdat"
    modifying entry ""
    $
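The loadschema script above substitutes whatever the root DSE lookup returns into the sed expression, so the value is worth checking before ldapmodify runs. The following is an added example, not part of the Teradata script: it assumes OpenLDAP-style LDIF output from ldapsearch (comment header, long lines folded), and the function names and sample data are hypothetical.

```shell
#!/bin/sh
# Constructed sample rootDSE reply (OpenLDAP-style LDIF assumed): comment
# header plus a DN folded by LDIF wrapping (continuations start with a space).
sample_rootdse() {
  cat <<'EOF'
# extended LDIF
# requesting: schemanamingcontext
#
dn:
schemaNamingContext: CN=Schema,CN=Configuration,DC=esrootdom,DC=esdev,DC=t
 dat

EOF
}

# The page's pipeline, unchanged, for comparison on the same input.
page_pipeline() {
  grep -i schemanamingcontext | cut -d' ' -f2
}

# Unfold continuation lines, then print the first plain-text
# schemaNamingContext value; comments and base64 ("::") values are skipped.
extract_snc() {
  awk '
    function emit() {
      if (!found && tolower(buf) ~ /^schemanamingcontext: */ && buf !~ /^[^:]*::/) {
        sub(/^[^:]*: */, "", buf); print buf; found = 1
      }
    }
    /^ / { buf = buf substr($0, 2); next }
    { emit(); buf = $0 }
    END { emit() }'
}

# Accept only a single-line schema DN whose characters are inert in the sed
# "s/CN=Schema/$SNC/" replacement (no /, &, \, spaces, or newlines).
# A trailing CN={GUID} component is allowed for ADAM / AD LDS instances.
validate_snc() {
  case "$1" in
    ''|*[!A-Za-z0-9=,.{}-]*) return 1 ;;
  esac
  printf '%s\n' "$1" |
    grep -Eq '^CN=Schema,CN=Configuration(,(DC|CN)=[A-Za-z0-9{}.-]+)+$'
}

# Print the validated DN, or fail so the caller can stop before ldapmodify.
resolve_snc() {
  snc=$(extract_snc) && validate_snc "$snc" && printf '%s\n' "$snc"
}
```

On the constructed sample, page_pipeline yields two lines ("requesting:" and a truncated DN), while resolve_snc returns the complete DN. In loadschema, the SNC assignment could pipe the ldapsearch output through resolve_snc and exit when it fails.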