Changing the TDGSS Configuration - Analytics Database - Teradata Vantage

Security Administration
Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2024-04-05
dita:mapPath
hjo1628096075471.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
zuy1472246340572
lifecycle
latest
Product Category
Teradata Vantage™
  1. On the Teradata Vantage node with the lowest ID number, navigate to the directory that provides access to TdgssUserConfigFile.xml.
    cd /opt/teradata/tdat/tdgss/site
  2. Make a backup copy of the TdgssUserConfigFile.xml and save it according to your site standard backup procedures.
  3. Open a text editor, such as vi, and bring up a working copy of the user configuration file:
    vi TdgssUserConfigFile.xml
    If you are using Business Continuity Manager, use:

    /etc/opt/teradata/config/bcm/TdgssBcmConfig.xml

  4. Edit the properties in the file in accordance with the editing guidelines for each property. For more information, see Editing Configuration Files.
    Most mechanism properties work best using their factory preset values. Make sure of your reason for wanting to change a property value before you edit it.

    You can add optional LDAP properties to the KRB5, LDAP and SPNEGO mechanisms and edit their default values. Copy only the optional properties you want to use from the LDAP mechanism in the TdgssLibraryConfigFile.xml and paste them into the LDAP mechanism in the copy of the TdgssUserConfigFile.xml you are editing.

  5. Verify the configuration is correct:
    1. Run tdgsstestcfg to test the configuration. It launches a test environment in a new shell that contains the updates to the configuration file.
      /opt/teradata/tdgss/bin/tdgsstestcfg
    2. Run the tdgssauth utility to test the newly-configured LDAP properties for their effects on directory user authentication and authorization before you commit the configuration changes to the TDGSSCONFIG GDO. 
      /opt/teradata/tdgss/bin/tdgssauth -m ldap -u dir_user

      See Working with tdgssauth.

    3. Exit the test shell:
      exit
    4. Continue editing and testing until the configuration is correct.
  6. After you complete editing and any needed testing, run the run_tdgssconfig utility to update the TDGSSCONFIG GDO.
    /opt/teradata/tdgss/bin/run_tdgssconfig
    If you are using Business Continuity Manager, use:

    /etc/opt/teradata/config/bcm/TdgssBcmConfig.xml tdgssconfig.bin

  7. If run_tdgssconfig indicates a TPA reset is required, run tpareset to activate the changes to the TDGSS configuration.
    tpareset -f “use updated TDGSSCONFIG GDO”