Sample Identity Map for Simple User Names - Advanced SQL Engine - Teradata Database

Security Administration

Product
Advanced SQL Engine
Teradata Database
Release Number
17.10
Published
July 2021
Language
English (United States)
Last Update
2022-02-15
dita:mapPath
ppz1593203596223.ditamap
dita:ditavalPath
wrg1590696035526.ditaval
dita:id
B035-1100
lifecycle
previous
Product Category
Teradata Vantage™

You can use the following identity map for any simple username specified in a valid logon, for example, jsmith. You must include domain information sufficient to construct the DN as part of the Pattern attribute, for example:

<Mechanism Name="ldap">
    <MechanismProperties
        ...
        />
    <IdentityMap
      Match="(.*)"
      Pattern="cn=${1},ou=people,dc=div,dc=corp,dc=com"/>
      DatabaseName="svc1_${0}"/>
</Mechanism>
For sites using multiple directory services, where users normally log on using only simple uids, you can use the DatabaseName attribute to affix a string that represents the service to the authcid, to differentiate among possible duplicate usernames that may appear in the various services. Using the value shown in the IdentityMap example:
DatabaseName="svc1_${0}"

subsequent logons using the simple user name jsmith, identify the user as "svc1_jsmith" in the database, where ${0} causes the database to use the entire authcid (jsmith).