After verifying that the SRV RR service name for the GC can find the GC servers for a site, configure the LdapServerName property with the SRV RR service name for the site, for example:
<Mechanism Name="ldap"> <MechanismProperties MechanismEnabled="yes" AuthorizationSupported="no" . . LdapClientMechanism="simple" LdapServerName="_ldap._tcp.SanDiegoHQ._sites.rootdomain.com" LdapServerPort="0" . . /> </Mechanism>
You can configure other properties for the LDAP mechanism, if needed. For instructions, see Changing the TDGSS Configuration.
where:
Configuration Option | Description |
---|---|
<Mechanism Name="ldap"> | Site awareness requires directory authentication of the user, using the LDAP mechanism. |
MechanismEnabled="yes" | The LDAP mechanism must be enabled. |
AuthorizationSupported="no" | Site awareness functions whether or not the directory authorizes the user. |
LdapClientMechanism="simple" | The example is for a system using simple binding. Site awareness also supports DIGEST-MD5 binding. The DIGEST-MD5 authentication protocol used by LDAP is deprecated. Teradata strongly recommends you use simple binding with TLS protection, and stop using DIGEST-MD5.
|
LdapServerName="_ldap._tcp.SanDiegoHQ._sites.rootdomain.com" | This setting requires a DNS SRV RR formatted site name, which identifies the local GC directories available to authenticate the user. |
When you configure the LdapServerName property for GC site awareness, LDAP selects a directory at random from among the available GC directories for the site.