17.10 - Configuring tdatSystem Objects - Advanced SQL Engine - Teradata Database

Teradata Vantage™ - Advanced SQL Engine Security Administration

Product
Advanced SQL Engine
Teradata Database
Release Number
17.10
Release Date
July 2021
Content Type
Administration
Security
Publication ID
B035-1100-171K
Language
English (United States)
The requirements for tdatSystem objects in the directory varies, depending on the number and configuration of Teradata Vantage systems:
  • If the directory serves a single Vantage system, create a single tdatSystem object, as shown in Example: tdatSystem.
  • If the directory serves multiple Vantage systems:
    • If the systems maintain the same set of users, profiles, roles and IP filters, and maps them to directory users in the same manner, you only need a single tdatSystem object for all systems.
    • If the users, profiles, roles, and IP filters diverge among multiple database systems, then you should create a separate tdatSystem object for each Vantage system.
    • If directory users for multiple Vantage systems log on through Unity, Teradata recommends that the LdapSystemFQDN property on all Vantage systems and connected Unity servers use the same authorization structure. If all Unity managed systems authenticate to the same directory, they should point to the same tdatSystem object. If they authenticate to different directories, the mappings to child objects for the tdatSystem object in each directory should be the same in all directories. See Teradata® Unity™ Installation, Configuration, and Upgrade Guide for Customers, B035-2523 and Teradata® Unity™ User Guide, B035-2520.