Use the ktpass command to create the key for the first Teradata Vantage node in a system, or for a Unity server. The keytab file is created in the directory from which the command is issued unless you use -out keytab_filename to specify another location.
Generate the keys for each Unity server individually. Key generation for additional Unity servers does not follow the same rules as generating keys for additional nodes in a database system.
ktpass -princ SPN -mapuser [node_name|unity_server_name] -pass password -ptype KRB5_NT_PRINCIPAL -out keytab_filename
where:
Syntax Element | Description |
---|---|
-princ SPN | The SPN for a Teradata Vantage node or Unity server, as defined in Determining the SPN for Each Node and Unity Server. |
-mapuser node_name | The name of a Teradata Vantage node or Unity server created in step 4 of Creating an Active Directory User for Each Node and Unity Server. |
-pass password | The Password for the user represented by the node or Unity server name. Use the password assigned to the name in step 6 of Creating an Active Directory User for Each Node and Unity Server. |
-ptype KRB5_NT_PRINCIPAL | The principal name type. The example value, KRB5_NT_PRINCIPAL, is the same for all systems. Specify the -ptype exactly as shown for all Kerberos setups. |
-out keytab_filename | The name of the keytab file to which the keys are written, for example, domain_name.sys_name.keytab, where:
|
The order in which the ktpass parameters appear is not important.