Teradata Embedded JDBC driver includes encryption?

Teradata Studio

Teradata Embedded JDBC driver includes encryption?

Hello,

From what I have read about similar topics in this forum, it looks like the JDBC driver can be configured with "Password_Protected", "LDAP" and "KRB5". Should I assume that this also means encrypted LDAP (LDAPS)? Does the Teradata JDBC driver accept what in the TD GSS configuration file is configured? I.e.  LDAPS port 636 with a Service Account and SSL/TLS trusted connection.

Thanks.

Regards

Salvatore ILardo

Tags (2)
2 REPLIES
Teradata Employee

Re: Teradata Embedded JDBC driver includes encryption?

LDAP authentication occurs on the server-side by the Teradata Database Gateway. It is not a function of the client-side Teradata Studio or client-side Teradata JDBC Driver.

Here is the response from the Teradata Database Gateway team:

We do support LDAP through SSL. It's 100% server-side so there should be no issue using the Teradata JDBC Driver with an SSL-enabled LDAP mechanism.  Whether we use SSL, TLS, or nothing at all has no impact on the token exchange.  And since it's all server-side, this is a detail that is completely opaque to the client side. 

There are two server-side (Teradata Database or Unity Director) configuration choices:

1. Configure the LdapServerName property to contain an LDAPS URL, e.g. ldaps://myserver.mycorp.com/

2. Configure the LdapServerName property to contain a normal LDAP URL, e.g. ldap://myserver.mycorp.com/ along with setting the LdapClientUseTls property to yes.

#2 is the method we consider a best practice for because LDAPS was deprecated by the LDAPv3 standard.  But the operative word is deprecated, not complete withdrawal of the capability.

Re: Teradata Embedded JDBC driver includes encryption?

Thanks.

Salvatore ILardo