LDAP Authentication Requirements | Teradata Vantage - 17.10 - LDAP Authentication with Teradata Vantage Authorization - Advanced SQL Engine - Teradata Database

Teradata Vantage™ - Advanced SQL Engine Security Administration

Product
Advanced SQL Engine
Teradata Database
Release Number
17.10
Release Date
July 2021
Content Type
Administration
Security
Publication ID
B035-1100-171K
Language
English (United States)
  • The directory should be LDAPv3-compliant. See About Certified Directories.
  • Verify that the LDAP mechanism is enabled on all Kerberos clients, on all Vantage systems to which they connect, and the Unity server, if used. Set the LDAP mechanism as the client default, or the user must specify it at logon.
  • The directory username used at logon must match a Teradata Vantage username. For acceptable logon username forms, see Logging on Using Sign-on As.
  • The matching Vantage username must have LOGON ... WITH NULL PASSWORD privileges. See Working with User Privileges in Teradata Vantage.
  • The LDAP AuthorizationSupported property must be set to no in the TdgssUserConfigFile.xml on the Teradata Vantage system and in the TdgssUnityConfig.xml on the Unity server if used. See Changing the TDGSS Configuration.
  • For LDAP authenticated users logging on through Unity, see Teradata® Unity™ Installation, Configuration, and Upgrade Guide for Customers, B035-2523 and Teradata® Unity™ User Guide, B035-2520.