Use the ktpass command to create the key for the first Teradata Vantage node in a system, or for a Unity server. The keytab file is created in the directory from which the command is issued unless you use -out keytab_filename to specify another location.
ktpass -princ spn -mapuser [ node_name | unity_server_name ] -pass password -ptype KRB5_NT_PRINCIPAL -out keytab_filename
- The SPN for a Teradata Vantage node or Unity server, as defined in Determining the SPN for Each Node and Unity Server.
- The name of a Teradata Vantage node or Unity server created in step 4 of Creating an Active Directory User for Each Node and Unity Server.
- The Password for the user represented by the node or Unity server name. Use the password assigned to the name in step 6 of Creating an Active Directory User for Each Node and Unity Server.
- The principal name type.
- The example value, KRB5_NT_PRINCIPAL, is the same for all systems.
- Specify the -ptype exactly as shown for all Kerberos setups.
- The name of the keytab file to which the keys are written, for example, domain_name.sys_name.keytab, where:
- domain_name is included to differentiate among the separate keytab files required for multiple domains, if present.
- sys_name names of a Teradata Vantage system or Unity server in the domain.If the Active Directory KDC serves more than one Vantage system or Unity server, you must create a keytab file for each one using a unique sys_name.