The following table shows which mechanisms support each property.
- Editable means the mechanism supports the property and the setting for the property may be edited.
- Keep Default means the mechanism supports the property, but do not change the default setting for the property.
- A blank cell means the mechanism does not support the property; for example, TD2 does not support the AuthenticationSupported property.
- If no mechanisms for a property are selected, the property does not have any supporting mechanisms, is reserved for future use, or is unused. See the section for the specific property for details.
Teradata recommends viewing the editing guidelines for each property.
Basic Functional Properties | JWT | KRB5 | LDAP | PROXY | SPNEGO | TDNEGO | TD2 |
AuthenticationSupported | Keep Default | Keep Default | Keep Default | Keep Default | Keep Default | Keep Default | |
AuthorizationSupported | Editable | Editable | Editable | Keep Default | |||
GenerateCredentialFromLogon | Keep Default | Keep Default | Keep Default | Keep Default | Keep Default | ||
NegotiationSupported | Keep Default | Keep Default | |||||
SingleSignOnSupported | Keep Default | Keep Default | Keep Default | ||||
Confidentiality Properties | JWT | KRB5 | LDAP | PROXY | SPNEGO | TDNEGO | TD2 |
DHKeyP and DHKeyG | Editable | Editable | Editable | Editable | |||
VerifyDHKey | Editable | ||||||
Directory Identification and Search Properties | JWT | KRB5 | LDAP | PROXY | SPNEGO | TDNEGO | TD2 |
LdapClientDebug | Keep Default | Keep Default | |||||
LdapClientDeref | Keep Default | Keep Default | |||||
LdapClientRebindAuth | Editable | Editable | |||||
LdapClientReferrals | Editable | Editable | |||||
LdapCredentialIsUPN | Editable | ||||||
LdapGroupBaseFQDN | Editable | Editable | |||||
LdapServerName | Editable | Editable | |||||
LdapSystemFQDN | Editable | Editable | |||||
LdapUserBaseFQDN | Editable | Editable | |||||
UseLdapConfig | Editable | Editable | |||||
JWT Support Properties | JWT | KRB5 | LDAP | PROXY | SPNEGO | TDNEGO | TD2 |
JWTClientTlsCACertDir | Editable | ||||||
JWTClientUseTls | Editable | ||||||
JWTDecryptionKeyFile | Editable | ||||||
JWTDynamicKey | Editable | ||||||
JWTKeyCacheRefreshTime | Editable | ||||||
JWTKeyDirectory | Editable | ||||||
JWTRestAPIMaxTimeAllowed | Editable | ||||||
JWTRestAPITimeLimit | Editable | ||||||
JWTSkewTime | Editable | ||||||
JWTTokenExchange | Editable | ||||||
JWTVerificationKeyFile | Editable | ||||||
LDAP Binding Properties | JWT | KRB5 | LDAP | PROXY | SPNEGO | TDNEGO | TD2 |
LdapClientMechanism | Editable | ||||||
LdapServiceBindRequired | Editable | ||||||
LdapServiceFQDN | Editable | Editable | |||||
LdapServicePassword | Editable | Editable | |||||
LdapServicePasswordFile | Editable | Editable | |||||
LdapServicePasswordProtected | Editable | Editable | |||||
LDAP Policy Properties | JWT | KRB5 | LDAP | PROXY | SPNEGO | TDNEGO | TD2 |
LdapNetworkBaseFQDN (configured in <LdapConfig> section in TdgssUserConfigFile.xml) | |||||||
LdapPolicyFQDN | Editable | ||||||
MechanismIgnoreQOP | Keep Default | Keep Default | Keep Default | Keep Default | Keep Default | Keep Default | |
LDAP Protection Properties | JWT | KRB5 | LDAP | PROXY | SPNEGO | TDNEGO | TD2 |
LdapAllowUnsafeServerConnect | Editable | Editable | |||||
LdapClientTlsCACert | Editable | Editable | |||||
LdapClientTlsCACertDir | Editable | Editable | |||||
LdapClientTlsCert | Editable | Editable | |||||
LdapClientTlsCipherSuite | Editable | Editable | |||||
LdapClientTlsCRLCheck | Editable | Editable | |||||
LdapClientTlsKey | Editable | Editable | |||||
LdapClientTlsRandFile | Editable | Editable | |||||
LdapClientTlsReqCert | Editable | Editable | |||||
LdapClientUseTLS | Editable | Editable | |||||
Mechanism Status Properties | JWT | KRB5 | LDAP | PROXY | SPNEGO | TDNEGO | TD2 |
DefaultMechanism | Editable | Editable | Editable | Editable | Editable | Editable | |
DefaultNegotiatingMechanism | Keep Default | Editable | |||||
MechanismEnabled | Editable | Editable | Editable | Editable | Editable | Editable | Editable |
MechanismRank | Editable | Editable | Editable | Editable | Editable | ||
Operational Properties | JWT | KRB5 | LDAP | PROXY | SPNEGO | TDNEGO | TD2 |
AnonymousAuthentication (Reserved for future use) | |||||||
ConfidentialityDesired | Keep Default | Keep Default | Keep Default | Keep Default | Keep Default | Keep Default | Keep Default |
CredentialUsage | Keep Default | Keep Default | Keep Default | Keep Default | Keep Default | Keep Default | |
DelegateCredentials (unused) | |||||||
DesiredContextTime (Reserved for future use) | |||||||
DesiredCredentialTime (Reserved for future use) | |||||||
IntegrityDesired | Keep Default | Keep Default | Keep Default | Keep Default | Keep Default | Keep Default | Keep Default |
MutualAuthentication | Editable | Editable | Keep Default | ||||
OutOfSequenceDetection | Keep Default | Keep Default | Keep Default | Keep Default | Keep Default | ||
ReplayDetection | Keep Default | Keep Default | Keep Default | Keep Default | Keep Default | ||
TeradataKeyTab | Editable |