Configuring LDAP for Authentication Only - Analytics Database - Teradata Vantage

Security Administration

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2024-04-05
dita:mapPath
hjo1628096075471.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
zuy1472246340572
lifecycle
latest
Product Category
Teradata Vantage™

Teradata GSS provides a large number of LDAP properties to support various directory-based security strategies. Teradata recommends that you start by implementing LDAP authentication for a few users and then add other options, for example, authorization of user privileges in the directory, as needed.

If you only configure LDAP authentication, user privileges are authorized by the database. Authenticated users must have the same username in the database and the directory.

The following LDAP mechanism property settings are required for the authentication-only strategy:
  • Make sure that the MechanismEnabled property is set to ‘yes’ (the default).
  • Configure the LdapServerName property. See LdapServerName.

The procedure configuring mechanism property values in the TdgssUserConfigFile.xml is shown in Making Changes to TdgssUserConfigFile.xml on Database Nodes.