TDGSS LdapClientDeref Property | Teradata Vantage - 17.10 - LdapClientDeref - Advanced SQL Engine - Teradata Database

Teradata Vantage™ - Advanced SQL Engine Security Administration

Advanced SQL Engine
Teradata Database
Release Number
July 2021
English (United States)
Last Update

The LdapClientDeref property tells the directory server what to do with any referral objects it encounters in the directory information tree.

The LdapClientDeref property applies to mechanisms that support referral chasing.

Do not change the default setting for this property without first contacting Teradata Support Center for assistance.

Valid Settings

Setting Description
never (default) Do not chase referrals of any kind to bind the user, even if LdapClientReferrals is set to on (preferred).
always Chase referrals only if the object containing the referral is in the search base.
finding Chase referrals only if the object that contains the referral isthe search base.
searching Chase any referral to any object that is subordinate to the search base. Return any objects found in the referred directory as if they came from the local directory

Editing Guidelines

Do not attempt to reset this value without Teradata Support Center assistance.
  • To set a value, you must manually add this property to the TDGSS configuration file on needed mechanisms. See Editing Configuration Files.
  • Edit this property on database nodes and on the Unity server, if used. Also see Coordinating Mechanism Property Values for Unity.
  • Use the default setting, never, for all external authentication mechanisms to prevent referral chasing, unless you have a good reason to follow referrals.
  • If LdapClientReferrals is set to yes, use the LdapClientDeref property to tell the directory how to handle the referrals it finds. Also see LdapClientReferrals.