Working with tdgssauth | Teradata Vantage - 17.20 - Working with tdgssauth - Analytics Database - Teradata Vantage

Teradata Vantage™ - Analytics Database Security Administration - 17.20

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2023-03-07
dita:mapPath
hjo1628096075471.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
zuy1472246340572
The tdgssauth standalone tool is used to test TDGSS security mechanism configurations on Teradata Vantage nodes. tdgssauth is used to test and correct authentication, authorization, and policy failures offline:
  • tdgssauth is used offline to minimize the number of server TPA resets when bringing external authentication deployments and configuration fixes active.
  • tdgssauth tests the following mechanisms: TD2, LDAP, Kerberos, and TDNEGO.

This tool makes use of TDGSS itself to establish a pair of security contexts based on the user's input options. One context is established to simulate the client side of a secured connection. The other context simulates the server side of a secured connection.

Once the contexts are established, the server's context is probed to determine the outcome of the authentication attempt. The user's authentication properties are acquired and displayed in human readable form. The user's name is then used to probe security policy and the results of the probe are also displayed in human readable form.

The tool can also exercise confidentiality and integrity services offered by TDGSS. Exercising these services is controlled from security policy and from command line options.

You can use tdgssauth to: