16.10 - LdapClientRandomDevice - Teradata Database

Teradata Database Security Administration

Teradata Database
June 2017

The LdapClientRandomDevice property specifies a device, FIFO, or pipe that provides random bits when the default random number generator, for example /dev/[u]random on Linux, is not available, or if another random number generator is preferred.

This property is supported on systems that use DIGEST-MD5 binding. For systems that use simple binding with SSL or TLS protection, see LdapClientTlsRandFile.

Default Property Value

The default setting is "", that is, no device, FIFO, or pipe is specified.

Valid Settings

Setting Description
"" No random number generator is specified. The system uses the default random number generator for the operating system.
A file name Specifies a device, FIFO, or pipe that provides random bits.

Supporting Mechanisms for LdapClientRandomDevice

Mechanisms that are not listed in the table do not support this property. The Property Editable column indicates if the setting for a property may be edited.
Mechanism Property Editable?
KRB5 May Be Edited
To set a value, you must manually add this property to the TdgssUserConfigFile.xml for the LDAP mechanism. See About Editing Configuration Files.

Editing Guidelines

  • Edit this property on the database and on Unity, if used. Also see Coordinating Mechanism Property Values for Unity.
  • Use the default setting, if possible. Specify a value for the LdapClientTlsRandFile only when the default random number generator) is not available, or if you want to use another random number generator.
  • If the default is not available, you can install a copy of EGD or PRNGD every node, to provide a random number generator, and set the value of this property to the name of the EGD or PRNGD socket.
    The installed copy of EGD or PRNGD must have the same name on all Teradata Database nodes. See the EGD or PRNGD Readme file for details.