TDGSS LdapClientMechanism Property | Teradata Vantage - 17.10 - LdapClientMechanism - Advanced SQL Engine - Teradata Database

Teradata Vantage™ - Advanced SQL Engine Security Administration

Advanced SQL Engine
Teradata Database
Release Number
Release Date
July 2021
Content Type
Publication ID
English (United States)

The LdapClientMechanism property specifies the bind type TDGSS must use to bind the user, during LDAP user authentication. See LDAP Binding Options.

Valid Settings

  • sasl/digest-md5 (default)
    Although the sasl/digest-md5 setting is the default (for legacy compatibility), it is not recommended for use.
  • simple (recommended)

Editing Guidelines

  • The LdapClientMechanism property appears by default in the library configuration file for the LDAP mechanism. Other mechanisms do not support this property.
  • To reset the value from the default, you must manually add this property to the TDGSS configuration file for the LDAP mechanism. See Editing Configuration Files.
  • Edit this property on database nodes and on the Unity server, if used. Also see Coordinating Mechanism Property Values for Unity.
  • Change the setting to simple to support simple binds.
  • Regardless of the LdapClientMechanism setting, Teradata strongly recommends that you also setup TLS protection to guard against man-in-the-middle and other attacks. See Using TLS with a Directory Server.