16.10 - Security Administration Tools - Teradata Database

Teradata Database Security Administration

Teradata Database
Release Number
Release Date
June 2017
Content Type
Publication ID
English (United States)

The following security administration tools are included with the installation of TDGSS.

Tool Description
dumpcfg Allows you to view the TdgssConfig.bin file (TDGSSCONFIG.GDO) to check the current configuration.

See Using the dumpcfg Utility to Check the Current Configuration.

ipdir2bin Adds directory-based IP restrictions to the IP GDO.

See Enabling Directory-Based IP Restrictions with the ipdir2bin Utility.

ipxml2bin Adds XML based IP restrictions to the IP GDO.

See Enabling XML-Based IP Restrictions with the ipxml2bin Utility.

ldapadd Standard LDAP tool used to add objects to the directory.

See the sections beginning with Creating the Top Level Objects in the DIT.

ldapmodify Used when adding Teradata schema extensions to a directory.

See Installing Teradata Schema Extensions in a Certified Directory.

ldapsearch Used when testing directory access to find directory objects, such as a user or the RootDSE Object.

See About Ldapsearch.

run_tdgssconfig Required to enable edits to the TdgssUserConfigFile.xml, for example, when you add a new mechanism or configure a mechanism property.

See Making Changes to the TdgssUserConfigFile.xml on Database Nodes.

tdgssauth Test and verify security mechanism configurations are valid before bringing them live. You can use it with LDAP, Kerberos, and TDNEGO on Unity servers and Teradata Database nodes.

See Working with tdgssauth.


Teradata recommends using tdgssauth instead of tdsbind.
tdspolicy Identifies security policy restrictions that apply to a speci fied user, profile, and IP address. See Investigating Security Policy Assignments.
Teradata recommends using tdgssauth instead of tdspolicy.
tdspasswd Generates and stores passwords in encrypted form:
  • When configuring LdapServicePassword, for example, when creating a service bind. See Using Service Binds.
  • For changing a user password.