The ipdir2bin utility transfers the directory-based IP address restrictions to the IP GDO.
- From the /site directory on the lowest numbered Teradata Vantage Analytics Database node, run the ipdir2bin utility, to commit directory IP restrictions to the database GDO:
$ ipdir2bin -u dir_username [-w dir_password ] [-h dir_server_name ] [-S system_name ] Enter LDAP password: Parse successful 608 bytes written to the ipfilter GDO.
- Specifies the FQDN of the directory user running the utility.
- [Optional] Specifies the password for the user dir_username. It is not recommended to enter the password on the command line.
- Default behavior: System prompts you for a password.
- [Optional] Identifies the directory server.
- The administrator specifies dir_server_name when doing either of the following:
- Adding a system to a domain
- Explicitly naming the server in the etc/ldap.conf file on a Teradata Vantage system.
- Default: LdapServerName property value (see LdapServerName).
- [Optional] Identifies the FQDN of the Vantage system, as it appears in the tdatSystem object in the directory. See LdapSystemFQDN.
- If restrictions are configured for a single Vantage system, the tdatSystem object has the name of the system.
- Default: LdapSystemFQDN property value from TDGSS configuration files. (If the LdapSystemFQDN property also contains no value, the utility exits with an error.)
The command populates the GDO and distributes it to all database nodes.
- To enable the committed restrictions, run the tpareset utility. For more information, see Teradata Vantage™ - Database Utilities, B035-1102. This step is only necessary for the initial implementation of IP restrictions, and does not apply to revisions.
- If the fully enabled IP restrictions do not function as needed, you can:
- Edit the restrictions, retest them, as shown in Testing XML-Based IP Restrictions, and then re-enable them as shown in the first step.
- Disable the restrictions, as shown in Removing All IP Restrictions in an Emergency.
In most cases, Testing XML-Based IP Restrictions should uncover any problems before you enable them on the system.