The following security administration tools are included with the installation of TDGSS.
| Tool | Description |
|---|---|
| dumpcfg | Allows you to view the TDGSS or TeraGSS configuration settings. These settings are stored in tdgssconfig.gdo, a binary-format globally distributed object file used by the database, or a flat file named tdgssconfig.bin for Unity or TTU clients. See Using the dumpcfg Utility to Check the Current Configuration. |
| ipdir2bin | Adds directory-based IP restrictions to the IP GDO. See Enabling Directory-Based IP Restrictions with the ipdir2bin Utility. |
| ipxml2bin | Adds XML based IP restrictions to the IP GDO. See Enabling XML-Based IP Restrictions with the ipxml2bin Utility. |
| ldapadd | Standard LDAP tool used to add objects to the directory. See the sections beginning with Creating the Top-Level Objects in the DIT. |
| ldapmodify | Used when adding Teradata schema extensions to a directory. See Installing Teradata Schema Extensions in a Certified Directory. |
| ldapsearch | Used when testing directory access to find directory objects, such as a user or the RootDSE Object. See About Ldapsearch. |
| run_tdgssconfig | Required by Unity to enable edits to TdgssUnityConfig.xml, for example, when you add a new mechanism or configure a mechanism property. See Making Changes to TdgssUserConfigFile.xml on Database Nodes. Note that TdgssUnityConfig.xml has the exact same format as TdgssUserConfigFile.xml, but is used specifically for Unity configuration. |
| tdgssauth | Test and verify security mechanism configurations are valid before bringing them live. You can use it with LDAP, Kerberos, and TDNEGO on Unity servers and Advanced SQL Engine nodes. |
| tdsbind |
Teradata recommends using tdgssauth instead of tdsbind.
|
| tdspolicy | Identifies security policy restrictions that apply to a specified user, profile, and IP address. See Investigating Security Policy Assignments. tdgssauth can be used instead of tdspolicy.
|
| tdspasswd | Generates and stores passwords in encrypted form:
|