TLS protection encrypts the directory user ID and password during a bind to an LDAPv3-compliant directory, to prevent man-in-the-middle attacks and other security threats.
- LDAP authentication uses simple binding.
- Kerberos authenticates users, while the directory authorizes user privileges in the database, resulting an automatic service bind (a type of simple bind).
You can configure LDAP protection properties in the LDAP, Kerberos, and SPNEGO mechanisms on Teradata Vantage nodes and on the Unity server, if the AuthorizationSupported property is set to yes. Also see LDAP Protection Properties.
For configuration requirements when authentication is set for multiple directory services, see Creating the <LdapConfig> Section in the TdgssUserConfigFile.xml.