16.10 - LdapClientTlsRandFile - Teradata Database

Teradata Database Security Administration

prodname
Teradata Database
vrm_release
16.10
created_date
June 2017
category
Administration
Security
featnum
B035-1100-161K

The LdapClientTlsRandFile property specifies a device, FIFO, or pipe that provides random bits when the default random number generator, for example /dev/[u]random on Linux, is not available, or if another random number generator is preferred.

Use with simple binding. For DIGEST-MD5 binding, use LdapClientRandomDevice.

Default Property Value

The default setting is “”, that is, no device, FIFO, or pipe is specified.

Valid Settings

Setting Description
"" No random number generator is specified. The system uses the default random number generator for the operating system.
A file name Specifies a device, FIFO, or pipe that provides random bits.

Supporting Mechanisms for LdapClientTlsRandFile

Mechanisms that are not listed in the table do not support this property. The Property Editable column indicates if the setting for a property may be edited.
Mechanism Property Editable?
KRB5 May Be Edited
LDAP
To set a value, you must manually add this property to the TdgssUserConfigFile.xml for the LDAP mechanism. See About Editing Configuration Files.

Editing Guidelines

  • Edit this property on the database and on Unity, if used. Also see Coordinating Mechanism Property Values for Unity.
  • Specify a value for the LdapClientTlsRandFile only when the default random number generator is not available, or if you want to use another random number generator.
  • If a default is not available, install a copy of EGD or PRNGD on every node and set the value of LdapClientTlsRandFile to the name of the EGD or PRNGD socket.
    The installed copy of EGD or PRNGD must have the same name on all Teradata Database nodes. See the EGD or PRNGD Readme file for details.
  • Although you can configure this property only in the LDAP mechanism, the effects apply to all external authentication mechanisms.