Security Enhancements | Advanced SQL Engine 17.00 | Teradata Vantage - Security Enhancements in Release 17.00 - Advanced SQL Engine - Teradata Database

Teradata Vantageā„¢ - Advanced SQL Engine Release Summary

Product
Advanced SQL Engine
Teradata Database
Release Number
17.00
Published
September 2020
Language
English (United States)
Last Update
2021-01-23
dita:mapPath
icz1556928651136.ditamap
dita:ditavalPath
lze1555437562152.ditaval
dita:id
B035-1098
lifecycle
previous
Product Category
Software
Teradata Vantage
  • TDNEGO now supports JWT (JSON web token) authentication.
  • New LdapServicePasswordFile property.
  • The DIGEST-MD5 authentication protocol used by LDAP is deprecated.

Benefits

  • With the addition of JWT, Teradata Vantage now supports a greater variety of authentication protocols and mechanisms.
  • The LdapServicePasswordFile property provides a way for you to change the LDAP service password without requiring a system restart.
  • Because the DIGEST-MD5 protocol is considered insecure, Teradata will end support for it in a future release.

Considerations

  • If you use the LdapServicePasswordFile property, the LdapServicePassword and LdapServicePasswordProtected properties are ignored, and passwords are read exclusively from the password file.
  • Passwords listed in the LDAP service password file must be encrypted using the tdspasswd command-line utility.
  • Teradata strongly recommends you stop using DIGET-MD5, and instead use simple binding with TLS protection. A future release of Vantagewill remove support for DIGEST-MD5.

Additional Information

For more information about security, see Teradata Vantageā„¢ - Advanced SQL Engine Security Administration, B035-1100.