TLS Protection | Teradata Vantage - TLS Protection - Analytics Database - Teradata Vantage

Security Administration

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2023-11-02
dita:mapPath
hjo1628096075471.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
zuy1472246340572
lifecycle
latest
Product Category
Teradata Vantage™
Teradata recommends TLS protection when:
  • LDAP authentication uses simple binding.
  • Kerberos authenticates users, while the directory authorizes user privileges in the database, resulting an automatic service bind (a type of simple bind).

You can configure LDAP protection properties in the LDAP, Kerberos, and SPNEGO mechanisms on Teradata Vantage nodes, if the AuthorizationSupported property is set to yes. Also see LDAP Protection Properties.

If you implement TLS protection you should check, and if necessary reset, the AllowUnsafeServerConnection property in each mechanism that you configure for protection, to ensure optimal database operation with directories that supports IETF RFC 5746. See LdapClientTlsReqCert.

For configuration requirements when authentication is set for multiple directory services, see Creating the <LdapConfig> Section in the TdgssUserConfigFile.xml.