16.10 - LdapServicePasswordProtected - Teradata Database

Teradata Database Security Administration

prodname
Teradata Database
vrm_release
16.10
created_date
June 2017
category
Administration
Security
featnum
B035-1100-161K

The value of the LdapServicePasswordProtected property indicates whether the password defined in LdapServicePassword is stored in encrypted form. You can use the -s option of the tdspasswd tool to create an encrypted version of the LdapServicePassword. See Identity Search Implementation Process.

If you use this property also configure the LdapServiceFQDN and LdapServicePassword properties.

Valid Settings

Setting Description
yes The TdgssUserConfigFile.xml stores the LdapServicePassword in encrypted form
no (default) The TdgssUserConfigFile.xml stores the LdapServicePassword in plain text.

Supporting Mechanisms for LdapServicePasswordProtected

The LdapServicePassword property is usable for all mechanisms that support service binds.

Mechanisms that are not listed in the table do not support this property. The Property Editable column indicates if the setting for a property may be edited.
Mechanism Property Editable?
KRB5 May Be Edited
SPNEGO
LDAP
To set a value, you must manually add this property to the TdgssUserConfigFile.xml on needed mechanisms. See About Editing Configuration Files.

Editing Guidelines

  • Edit this property on database nodes and the Unity server, if used. Also see Coordinating Mechanism Property Values.
  • This property does not encrypt the password. It is only an indicator of encryption.
  • If you want to encrypt the password, use the procedure found in Editing the TdgssUserConfigFile.xml for Service Binds to generate an encrypted password for the LdapServicePassword property, and insert it into the TdgssUserConfigFile.xml, then set the LdapServicePasswordProtected property to yes to indicate that the service password is encrypted.