The tdgssauth standalone tool is used to test TDGSS security mechanism configurations on Teradata Database nodes and Unity servers. tdgssauth is used to test and correct authentication, authorization, and policy failures offline:
- tdgssauth is used offline to minimize the number of server TPA resets when bringing external authentication deployments and configuration fixes live.
- tdgssauth tests the following mechanisms: LDAP, Kerberos, and TDNEGO.
A copy of tdgssauth is included in the TDGSS software installed on all Teradata Database nodes and Unity servers. tdgssauth is located in /opt/teradata/tdgss/bin.
You can use tdgssauth to:
- Verify a permanent user's authentication and authorization properties using LDAP. See Example: tdgssauth Verifying a Permanent User's Authentication and Authorization Properties.
- Verify an unmapped directory user. See Example: tdgssauth Verifying an Unmapped User's Authentication and Authorization Parameters Using LDAP .
- Verify a database users' security properties using TD2. See Example: tdgssauth Verifying a Database User's Security Properties Using TD2.