17.10 - Applying Integrity QOP Policy to a Directory User - Advanced SQL Engine - Teradata Database

Teradata Vantage™ - Advanced SQL Engine Security Administration

Product
Advanced SQL Engine
Teradata Database
Release Number
17.10
Release Date
July 2021
Content Type
Administration
Security
Publication ID
B035-1100-171K
Language
English (United States)

Specify the DN of a directory principal for LDAP users that are not mapped to a tdatUser object.

You can specify policy membership for directory principals only if AuthorizationSupported=no for both KRB5 and LDAP.

Using Teradata schema extensions:

dn: cn=default,cn=integ-qops,cn=policy1,cn=tdatrootP,dc=domain1,dc=com
changetype: modify
add: member
member: uid=dirUser1,ou=principals,dc=domain1,dc=com
-

Using native directory schema:

dn: cn=default,ou=integ-qops,ou=policy1,ou=tdatrootP,dc=domain1,dc=com
changetype: modify
add: member
member: uid=dirUser1,ou=principals,dc=domain1,dc=com
-