How do I connect to Teradata with LDAP?

How do I connect to Teradata with LDAP authentication using Aqua Data Studio?

Parents
  • From the Teradata documentation :

    a. Update tdgssconfig.jar with the modified TdgssUserConfigFile.xml.

    b. Modifiy modelmanager-ds.xml

        The URL connection should be: “jdbc:teradata://localhost/DATABASE=mmMeta,TMODE=TERA,LOGMECH=LDAP,L OGDATA='authcid=dn:cn=TWM01,dc=tera,dc=data password=TWM01'”

    c. Remove username and password attributes from modelmanager-ds.xml.

        For LDAP authentication, the logdata must contain at least the user's authcid (authentication id) and the user's password. The LDAP logdata parameters are space separated and not comma separated.

        This form of logdata will work with Sun and few other directories using DIGEST-MD5 binding, it would not work with Active Directory or ADAM.

        Assuming that you are using a Sun or other non-Microsoft directory and you have Teradata schema installed in your directory service, the user "cn=twm01,dc=tera,dc=data" is explicitly mapped to a Teradata user, profile or role. Otherwise, the Teradata user name would be taken from the first 30 characters of your authcid , which would make your Teradata user name as "dn:cn=TWM01,dc=tera,dc=data" which is not the expected one.

        If you're using Active Directory, it is recommended to use DIGEST-MD5 binding and your domain user name for the authcid or simple binding and the contents of the user's userPrincipalName attribute as the authcid.

        If you're using ADAM, it is recommended to use simple binding and the contents of the user's userPrincipalName attribute as your authcid. In all cases where simple binding is employed, the best practice is to configure your directory service so that SSL or TLS protection is enabled and the database is configured to use either SSL or TLS when communicating with your directory service.
     

Reply Children
No Data