The LdapClientMechanism property specifies the bind type TDGSS must use to bind the user, during LDAP user authentication. See LDAP Binding Options.
- sasl/digest-md5 (default)Although the sasl/digest-md5 setting is the default (for legacy compatibility), it is not recommended for use.
- simple (recommended)
- The LdapClientMechanism property appears by default in the library configuration file for the LDAP mechanism. Other mechanisms do not support this property.
- To reset the value from the default, you must manually add this property to the TDGSS configuration file for the LDAP mechanism. See Editing Configuration Files.
- Edit this property on database nodes and on the Unity server, if used. Also see Coordinating Mechanism Property Values for Unity.
- Change the setting to simple to support simple binds.
- Regardless of the LdapClientMechanism setting, Teradata strongly recommends that you also setup TLS protection to guard against man-in-the-middle and other attacks. See Using TLS with a Directory Server.