LDAP Mechanism Properties that Support Service Binds - Advanced SQL Engine - Teradata Database

Security Administration
Product
Advanced SQL Engine
Teradata Database
Release Number
17.05
17.00
Published
September 2020
Language
English (United States)
Last Update
2021-01-23
dita:mapPath
ied1556235912841.ditamap
dita:ditavalPath
lze1555437562152.ditaval
dita:id
B035-1100
lifecycle
previous
Product Category
Teradata Vantageā„¢

Evaluate all the LDAP mechanism properties that support service binds. You may need to configure some or all of them when implementing service binds on your system.

Configure the TdgssUserConfigFile.xml on each Teradata Vantage system served by the directory and the TdgssUnityConfig.xml on the Teradata Unity server, if used.
Property Setting Property Value Setting
LdapServiceBindRequired Yes/No Sets the requirement for a service bind.
  • A yes value means that TDGSS always performs a service bind.
  • A no value (the default) means that TDGSS performs a service bind only if IdentitySearch elements are present in the configuration.
LdapServiceFQDN Distinguished name Identifies the bindable object in the directory that represents the service identity, that is, a Teradata Vantage system or Unity server.
LdapServicePassword String If your site security policy requires a password for the service FQDN, configure a password as the value of this property.
LdapServicePasswordFile String (fully qualified file name) Name of a file that contains a list of encrypted, base64 encoded service passwords, one per line. Allows for changing the LDAP service password without requiring a database restart. See LdapServicePasswordFile.
LdapServicePasswordProtected Yes/No Enables encryption for the LDAP service password, if used.
  • Yes (the default) means that TDGSS stores the LdapServicePassword is stored in encrypted form.
  • No means that TDGSS stores the LdapServicePassword in plain text.

For detailed configuration information, see LDAP Binding Properties.