TDGSS LdapClientMechanism Property | Teradata Vantage - 17.10 - LdapClientMechanism - Advanced SQL Engine - Teradata Database

Teradata Vantage™ - Advanced SQL Engine Security Administration

Product
Advanced SQL Engine
Teradata Database
Release Number
17.10
Published
July 2021
Language
English (United States)
Last Update
2022-02-15
dita:mapPath
ppz1593203596223.ditamap
dita:ditavalPath
wrg1590696035526.ditaval
dita:id
zuy1472246340572

The LdapClientMechanism property specifies the bind type TDGSS must use to bind the user, during LDAP user authentication. See LDAP Binding Options.

Valid Settings

  • sasl/digest-md5 (default)
    Although the sasl/digest-md5 setting is the default (for legacy compatibility), it is not recommended for use.
  • simple (recommended)

Editing Guidelines

  • The LdapClientMechanism property appears by default in the library configuration file for the LDAP mechanism. Other mechanisms do not support this property.
  • To reset the value from the default, you must manually add this property to the TDGSS configuration file for the LDAP mechanism. See Editing Configuration Files.
  • Edit this property on database nodes and on the Unity server, if used. Also see Coordinating Mechanism Property Values for Unity.
  • Change the setting to simple to support simple binds.
  • Regardless of the LdapClientMechanism setting, Teradata strongly recommends that you also setup TLS protection to guard against man-in-the-middle and other attacks. See Using TLS with a Directory Server.