advertisement
Authentication and Security
Using Single Sign-on (SSO) example, if libvas-gssapi.so
is deployed at
/usr/lib64
, then the
GSSPath parameter needs to be set to
/usr/lib64
in the
ODBC.ini
config file as shown below:
GSSPath=/usr/lib64
• For 32-bit Linux machines: The ODBC driver assumes that libvas-gssapi.so
is present at
/opt/quest/lib/
. If
/opt/quest/lib/libvas-gssapi.so
does not exist, locate libvas-gssapi.so
by referring to the VAS documentation and set the
GSSPath
parameter to point to the installed location of libvas-gssapi.so
. For example, if libvas-gssapi.so
is deployed at
/usr/lib
, then the
GSSPath parameter needs to be set to
/usr/lib
in the
ODBC.ini
config file as shown below:
GSSPath=/usr/lib
Adding AD-Based SSO Authentication to ODBC Connections with SSL
If your Aster Database is configured to authenticate users against Active Directory (“AD”), you can configure your Aster ODBC clients to authenticate against AD, too. With this configuration in place, each ODBC client will be required to authenticate against AD when it tries to connect to Aster Database. If the ODBC client authenticates successfully, an SSL channel is established automatically for communication between Aster Database and the client. When your system is configured to use SSO, the
\password
command in ACT will not be available.
Using SSO with ACT
Note that when using SSO with ACT, the
-U
and
-w
options are not used, because the username and password are passed directly to the host via SSO. Also, when using SSO, you should specify a fully qualified hostname using the
-h
option, as in the example:
<hostname>.<domain>.<com|org etc>
. If only the hostname is used, ACT will append the local domain name before attempting to look up the host. Using an IP address with
-h
is not supported with SSO.
The following is an example of a configuration file that uses SSO:
# ACT configuration file example
# Contains settings for connecting securely to a specific host and database host: saturn.asterdata.com
dbname: sampledb username: sampleuser
# SSL settings enable-ssl: true ssl-self-signed-peer: true
# SSO settings enable-sso: true
50 Aster Client Guide
advertisement
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
advertisement
Table of contents
- 10 Conventions Used in This Guide
- 10 Typefaces
- 10 SQL Text Conventions
- 11 Command Shell Text Conventions
- 11 Contact Teradata Global Technical Support (GTS)
- 11 About Teradata Aster
- 11 About This Document
- 12 Version History
- 14 Aster Client Support Matrices
- 14 Aster Client Platform and OS Support Matrix
- 17 Aster ODBC Driver Support Matrix
- 19 Obtaining Aster Client Packages
- 19 Installing the Aster Database Cluster Terminal (ACT)
- 20 Installing ACT on Windows
- 20 Installing ACT on Linux
- 21 Installing ACT on Mac OS
- 21 Installing ACT on Solaris
- 21 Installing ACT on AIX
- 22 Configuring ACT for the Aster File Store
- 23 Installing and Configuring ODBC
- 23 ODBC Driver Manager Compatibility
- 23 Optional ODBC Setting for varchar Data
- 24 Install ODBC on Windows
- 27 Install ODBC on Linux, Solaris, or Mac OS
- 29 Install ODBC on AIX
- 29 Configure DataDirect Driver Manager on Linux and AIX
- 31 Install ODBC on Solaris
- 31 Configure DataDirect Driver Manager on Solaris
- 38 Installing the .NET Data Provider for Aster
- 38 Prerequisites
- 38 Procedure
- 40 Installing the Loader Tool
- 41 Installing the Export Tool
- 41 Installing Teradata Wallet
- 41 Download Teradata Wallet
- 41 Install and Configure Teradata Wallet on Linux
- 43 Install and Configure Teradata Wallet on Windows
- 45 Teradata Wallet
- 46 Wallet Contents
- 46 Teradata Wallet Commands
- 47 Usage
- 48 Authentication Cascading
- 48 Prerequisites
- 48 Authentication Cascading Continuity
- 49 Using Single Sign-on (SSO)
- 49 Configuring Single Sign-on (SSO) with SSL on the Queen
- 49 Configuring the Registry Key for JDBC on Windows
- 49 ODBC with SSO Client-Side Settings
- 50 Adding AD-Based SSO Authentication to ODBC Connections with SSL
- 50 Using SSO with ACT
- 51 SSL Security Basics
- 51 SSL Port Number
- 51 SSL-Related Files and Settings
- 51 SSL Settings on the Queen Reference
- 52 Setting Configuration Parameters on the Queen
- 53 Creating Certificates
- 54 SSL Basics for ODBC
- 54 Setting SSL Parameters for the ODBC Client
- 59 SSL Security Scenarios
- 60 Scenario 1: Queen Provides a Self-Signed Certificate
- 62 Scenario 2: Client Must Have a CA-Signed Copy of the Server’s Certificate
- 64 Scenario 3: Client CA-signed Certificate Must Match the Queen Certificate
- 67 Scenario 4: Encrypting Communication from the Queen to the Client
- 69 Scenario 5: Client has a Copy of the Certificate You Provide
- 73 ACT Quick Start
- 74 Launching ACT
- 74 Launching ACT on Windows
- 75 Launching ACT on Linux, Solaris or AIX
- 75 Launching ACT on Mac
- 75 Launching ACT Directly on the Queen
- 75 Logging In to ACT
- 76 Startup Parameters for ACT
- 79 Using the "on-error-stop" Option in ACT
- 80 Using a Configuration File to Pass ACT Startup Parameters
- 82 Using ACT
- 82 Issuing SQL Queries
- 84 Exit ACT
- 84 Page Through Query Results
- 84 Throttle Query Results in ACT and Aster Database
- 87 ACT Utility Commands
- 87 Repeat Previously Typed Commands
- 87 Tab Completion
- 88 ACT Commands (at the SQL Prompt)
- 94 Aster File Store Commands
- 94 Specifying a URI or Path
- 95 AFS Command Reference
- 98 Java Properties for AFS Clients
- 102 Setting Database Parameters
- 103 Troubleshooting ACT
- 103 ACT Connection Hangs When Using SSL
- 103 Invalid User Name Error in ACT After Password Change
- 103 Misleading Error Message Reports Problem With a Role Instead of With a User
- 105 General Tips for Connecting Clients to Aster Database
- 105 Recommended Character Set Is UTF
- 106 Supported Encoding
- 106 When Querying System Tables with ODBC, Set AUTOCOMMIT to 'OFF
- 106 ODBC Driver
- 106 Using an ODBC Configuration File or Connection String
- 106 Enable Authentication Cascading
- 107 ODBC Usage Notes
- 108 Set Up ODBC for Perl Connectivity on Linux
- 109 Set up ODBC for PHP
- 110 JDBC Driver
- 110 Aster JDBC Driver
- 111 Differences from the Legacy JDBC Driver
- 111 Before You Start
- 111 Install the JDBC Driver
- 112 Use the JDBC Driver in a Java Application
- 113 Parameters for Connecting through JDBC
- 114 Enable Authentication Cascading
- 114 Configuring the JDBC Log Settings
- 115 Behavior and Performance Settings for JDBC
- 119 Cancel
- 121 Supported SQL Commands
- 124 Using Client-Side Cursors in JDBC
- 126 Test JDBC Connect Program
- 128 Configure Aster Database SQL Settings
- 128 SQL Behavior Parameters
- 128 Setting the SQL Behavior Parameters
- 129 Syntax for ODBC Commands
- 130 Process SQL Statements in JDBC
- 130 Process a Simple Query in JDBC
- 131 JDBC Troubleshooting and Limitations
- 132 Connect Reporting Tools to Aster Database
- 132 Connect Aqua Data Studio to Aster Database
- 133 Connect MicroStrategy to Aster Database
- 135 Loading Data with the SSIS .NET Data Provider for Aster
- 135 Overview
- 135 Procedure
- 147 Using the Teradata Aster Connector for SSIS
- 147 Teradata Aster SSIS Connector Features
- 147 Connection Managers
- 148 Data Type Mapping
- 152 Installing the Teradata Aster SSIS Connector
- 153 Creating an Integration Services Project
- 156 Using SSIS Connector
- 172 Internationalization and Locale support
- 173 Example: Using Aster Export Source and Aster Loader Destination
- 178 Working with SSIS Connector Solution Packages
- 180 Possible Exceptions and Resolutions for .NET
- 181 Best Practices for Data Loading
- 181 Loading Terminology
- 182 Scenario 1: Pre-Production Data Loading
- 183 Scenario 2: Loading in a Production Environment
- 186 Loading Best Practices Summary
- 186 Aster Loader Tool
- 186 Syntax
- 188 Argument Flags
- 193 Exit Status
- 194 Loading Data with the Loader Tool
- 195 Removing Nulls from Data with Aster Loader Tool on Linux
- 196 Removing NULLs from Data
- 196 Loading from Multiple Files Using a Map File
- 200 Examples
- 201 Hints for Successful Loading
- 204 Error Logging
- 205 Troubleshoot Loading
- 205 Running Multiple Loaders Concurrently
- 205 Load Stalls Upon Cancellation or Failure Encountered During a Load
- 206 Load Fails on UNIQUE or PRIMARY KEY Violation
- 206 Invalid Input Syntax Error
- 206 Single Quote Character Must be Escaped When Using the -q Option
- 206 Using the -C Option With Uppercase or Special Characters
- 207 Uppercase Characters are Passed as Lowercase if not Escape Quoted
- 207 Issues Using Escape Characters
- 209 Aster Export Tool
- 209 Synopsis
- 211 Argument Flags