Configure NTP Time Synchronization | Teradata Viewpoint - 17.10 - Configuring LDAP for Teradata Viewpoint - Teradata Viewpoint

Teradata® Viewpoint Installation, Configuration, and Upgrade Guide for Customers

Product
Teradata Viewpoint
Release Number
17.10
Release Date
October 2021
Content Type
Administration
Configuration
Installation
Publication ID
B035-2207-101K
Language
English (United States)
When using LDAP with Teradata Viewpoint, use one of the following methods to add user accounts:
  • Manually entered without LDAP authentication
  • Manually entered with LDAP authentication
  • Auto-provisioned with LDAP authentication

When users are auto-provisioned, the administrator does not need to enter their account into Teradata Viewpoint. LDAP validation works in conjunction with the Externally Authenticated? flag on the Add User and Modify User dialog boxes in the User Manager portlet. If the Externally Authenticated? check box is selected, the user is authenticated through LDAP when logging in. The Externally Authenticated? check box is automatically selected when a user is created using auto-provisioning. The first time these users log in to Teradata Viewpoint, they are validated against the LDAP directory. If their credentials are valid, a Teradata Viewpoint account is created for them.

Use the LDAP Servers portlet to:
  • Add and delete an LDAP configuration in Teradata Viewpoint
  • Enable and disable the LDAP after it has been added
  • Use the auto-provisioning feature to automatically add users to Teradata Viewpoint on first login
  • Use the role mapping feature to position the new user in Teradata Viewpoint

Prerequisites

  • A basic understanding of LDAP
  • The URL of the LDAP server, for example, ldap://ldap.acme.com:389
  • The username and password of a user or availability of that user to test the configuration

Definitions

Lightweight Directory Access Protocol (LDAP)
Technically an application-protocol, LDAP is frequently used to refer to a directory server such as Microsoft Active Directory or OpenLDAP.
LDAP Data Interchange Format (LDIF)
A standard, plain-text data interchange format for representing LDAP directory content and update requests.
Distinguished Name (DN)
The full "path" to a user-entry in LDAP. Every user DN is, by definition, unique. The DN consists of its Relative Distinguished Name (RDN) constructed from some attributes in the entry, followed by the parent entry DN. Think of the DN as a full file name and the RDN as a relative filename in a folder. In the following example, the DN is the entire string.
CN=joec,OU=NorthAmerica,OU=User
Accounts,DC=td,DC=acme,DC=com
Relatively Distinguished Name (RDN)
The part of a DN that distinguishes an entry from others at the same level in the tree.
Common Name (CN)
An attribute of a user-entry that is typically part of the user DN and very often, but not always, the same value as the user corporate username. In the following example, the CN is joec.
CN=joec,OU=NorthAmerica,OU=User
Accounts,DC=td,DC=acme,DC=com
Bind
Used for LDAP authentication, binding is an LDAP operation that authenticates a username and a password.
Service Account
An LDAP service account is an account (username and password) not associated with a user, but existing for the purposes of binding to LDAP to perform a search of the directory. Typically, a service account is required when the DN of an authenticating-user is unknown, and an LDAP search (based on some other attribute of the user-entry such as sAMAccountName) must first be performed to determine the user DN. After the user DN has been determined, a normal bind using the user DN and password is run.
Viewpoint Authenticator
Also referred to simply as the Authenticator, this component of Teradata Viewpoint runs the authentication process against LDAP, among other actions.