16.10 - Moving the Kerberos Keys to a Teradata Database System or Unity Server - Teradata Database

Teradata Database Security Administration

Product
Teradata Database
Release Number
16.10
Release Date
June 2017
Content Type
Administration
Security
Publication ID
B035-1100-161K
Language
English (United States)

After you generate Kerberos keys on the KDC(s), you must securely move copies of the set of KDC keytab files for each Teradata Database system from the KDC to a temporary location on each node in the corresponding database system, and move Unity server KDC keytab files to the corresponding Unity servers.

If a Teradata Database system or Unity sever resides in multiple domains, you must move the keytab files from the KDC in each domain to the database system and the Unity server. Save the copies of the keytab files here: /opt/teradata/tdat/tdgss/site/domain_name.sys_name.keytab.

This is a temporary location to use when you install the keys to the permanent location in Installing the Kerberos Keys. Each keytab file must have a unique file name.