TDGSS Security Administration Tools | Teradata Vantage - Security Administration Tools - Teradata Vantage - Analytics Database

Security Administration
Deployment
VantageCloud
VantageCore
Edition
VMware
Enterprise
IntelliFlex
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
ft:locale
en-US
ft:lastEdition
2025-03-29
dita:mapPath
hjo1628096075471.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
zuy1472246340572
lifecycle
latest
Product Category
Teradata Vantageā„¢

The following security administration tools are included with the installation of TDGSS.

Tool Description
dumpcfg Allows you to view the TDGSS or TeraGSS configuration settings. These settings are stored in TDGSSCONFIG.GDO, a binary-format globally distributed object file used by the database, or a flat file named tdgssconfig.bin for Business Continuity Manager or TTU clients.

See Using the dumpcfg Utility to Check the Current Configuration.
ipdir2bin Adds directory-based IP restrictions to the IP GDO.

See Enabling Directory-Based IP Restrictions with the ipdir2bin Utility.
ipxml2bin Adds XML based IP restrictions to the IP GDO.

See Enabling XML-Based IP Restrictions with the ipxml2bin Utility.
ldapadd Adds objects to the directory using the Standard LDAP tool.

See the sections beginning with Creating the Top-Level Objects in the DIT.
ldapmodify Performs LDAP add operation for Teradata schema extensions to a directory.

See Installing Teradata Schema Extensions in a Certified Directory.
ldapsearch Tests directory access to find directory objects, such as a user or the RootDSE Object.

See ldapsearch.
nodenames Obtains the list of host names that are used when generating signed certificates. Used by and with tlsutil. See nodenames Utility.
run_tdgssconfig

Required by Business Continuity Manager to edit TdgssBcmConfig.xml, for example, when you add a new mechanism or configure a mechanism property. See Making Changes to TdgssUserConfigFile.xml on Database Nodes.

Note that TdgssBcmConfig.xml has the exact same format as TdgssUserConfigFile.xml, but is used specifically for Business Continuity Manager configuration.
tdgssauth Tests and verifies that security mechanism configurations are valid before bringing them online. You can use it with LDAP, Kerberos, and TDNEGO on Business Continuity Manager, and Analytics Database nodes.

See Working with tdgssauth.
tdgssgetinfo Collects and displays information used to determine the health of the TDGSS or TeraGSS installed on the system. See tdgssgetinfo.
tdspolicy Identifies security policy restrictions that apply to a specified user, profile, and IP address. See Investigating Security Policy Assignments.
tdgssauth can be used instead of tdspolicy.
tdspasswd Generates and stores passwords in encrypted form:
  • When configuring LdapServicePassword, for example, when creating a service bind. See Using Service Binds.
  • For changing a user password.
tdgsstestcfg Tests that TdgssUserConfigFile.xml changes are valid before making them permanent with run_tdgssconfig. See Working with tdgsstestcfg.
tlsutil Creates and installs signed certificates and private keys on Analytics Database. Used for TLS configuration. See tlsutil.