Modify Mechanism Properties Without Reset | SQL Engine 17.10 | Teradata Vantage - 17.10 - Modifying Mechanism Properties Without a TPA Reset - Advanced SQL Engine - Teradata Database

Teradata Vantage™ - Advanced SQL Engine Security Administration

Product
Advanced SQL Engine
Teradata Database
Release Number
17.10
Published
July 2021
Language
English (United States)
Last Update
2022-02-15
dita:mapPath
ppz1593203596223.ditamap
dita:ditavalPath
wrg1590696035526.ditaval
dita:id
zuy1472246340572

The following can be modified without a TPA reset:

  • Any attribute or property whose name begins with "Ldap" for KRB5 and LDAP
  • MechanismEnabled property for KRB5, LDAP, JWT, and PROXY
  • AuthorizationSupported property for KRB5 and LDAP
  • LDAP Service ID and password with no impact to user LDAP logons
  • The following properties in the PROXY mechanism:
    • CertificateFile
    • PrivateKeyFile
    • PrivateKeyPassword
    • PrivateKeypasswordProtected
    • CACertFile
    • CACertDir
    • SigningHashAlgorithm
  • Any JWT mechanism property whose name begins with "JWT"
  • All canonicalizations including the lightweight authorization structures

The following configuration changes still require a tpareset:

  • Changes to any mechanism property not mentioned above require a tpareset
  • QoP configuration
  • Local or global policy configuration, including service name changes
  • TDNEGO and SPNEGO
The run_tdssconfig utility indicates when a TPA reset is required.