TDGSS LdapAllowUnsafeServerConnect Property | Teradata Vantage - LdapAllowUnsafeServerConnect - Analytics Database - Teradata Vantage

Security Administration

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2024-04-05
dita:mapPath
hjo1628096075471.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
zuy1472246340572
lifecycle
latest
Product Category
Teradata Vantage™

The setting of the LdapAllowUnsafeServerConnect property is based on whether the directory supports IETF RFC 5746 “Transport Layer Security (TLS) Renegotiation Indication Extension.” Older directory software versions may not support this standard. Teradata Vantage software can operate with either a supporting or non-supporting directory, depending on the property setting.

This property is applicable only for systems that use simple binding and TLS protection.

Teradata recommends leaving this setting at the default value to ensure connectivity to directory servers that do not support IETF RFC 5746.

Default Property Value

The default setting is yes, that is, Vantage operates with directories that do not support IETF RFC 5746.

Valid Settings

Setting Description
yes Allows connection to the database using directories that do not support IETF RFC 5746. This is the default.
no Requires that the directory support IETF RFC 5746 to connect to the database.

Editing Guidelines

  • Edit this property on the database.
  • To set a value, you must manually add this property to the TDGSS configuration file for the needed mechanisms. See Editing Configuration Files.
  • Although you can configure this property only in the LDAP mechanism, the setting applies to all external authentication mechanisms.
  • Before changing the default property value, make sure your directory software supports IETF RFC 5746 “Transport Layer Security (TLS) Renegotiation Indication Extension.” Consult your directory software vendor for details.