Security Enhancements | Advanced SQL Engine 17.00 | Teradata Vantage - 17.00 - Security Enhancements in Release 17.00 - Teradata Database

Teradata Vantageā„¢ - Advanced SQL Engine Release Summary

prodname
Advanced SQL Engine
Teradata Database
vrm_release
17.00
created_date
September 2020
category
Release Notes
featnum
B035-1098-170K
  • TDNEGO now supports JWT (JSON web token) authentication.
  • New LdapServicePasswordFile property.
  • The DIGEST-MD5 authentication protocol used by LDAP is deprecated.

Benefits

  • With the addition of JWT, Teradata Vantage now supports a greater variety of authentication protocols and mechanisms.
  • The LdapServicePasswordFile property provides a way for you to change the LDAP service password without requiring a system restart.
  • Because the DIGEST-MD5 protocol is considered insecure, Teradata will end support for it in a future release.

Considerations

  • If you use the LdapServicePasswordFile property, the LdapServicePassword and LdapServicePasswordProtected properties are ignored, and passwords are read exclusively from the password file.
  • Passwords listed in the LDAP service password file must be encrypted using the tdspasswd command-line utility.
  • Teradata strongly recommends you stop using DIGET-MD5, and instead use simple binding with TLS protection. A future release of Vantagewill remove support for DIGEST-MD5.

Additional Information

For more information about security, see Teradata Vantageā„¢ - Advanced SQL Engine Security Administration, B035-1100.