- Evaluate the system for directory management of Teradata Vantage users. See Evaluating the System for Directory Management of Users.
- Make sure your directory is compatible with Vantage.
- Run tests to ensure that the directory properly communicates with the database.
- Determine the directory authentication/authorization strategy and learn the configuration requirements. See Working with Directory User Management Options.Enable directory authentication/authorization as shown in the topics about setting up the options that you want to implement.
- For auto provisioning perform the steps in Option 2: Directory Authentication and Authorization or in Option 3: Non-LDAP External Authentication with Directory Authorization depending on which matches your site configuration.
- For lightweight LDAP authorizations perform the steps in Option 4: Lightweight LDAP Authorizations.
- Review directory user characteristics, privileges, and required directory setup tasks. See Directory User Characteristics.
- In the database, create profiles and external roles for assignment to directory users. See Creating Users and Granting Privileges.
- For information on creating external roles see Using Roles for Directory Users.
- For information on profiles see the topics beginning with Working with Database Profiles.Auto provisioned users must be assigned to a role or profile and not mapped to a database user.
- Provision directory users using either of these procedures.
- If they do not already exist in the directory, create database objects for roles and profiles. For auto provisioning create directory roles based on the external roles in the database. Assign directory principals to roles or profiles.Skip this step if you are using lightweight LDAP authorizations. For lightweight LDAP authorizations you do not need to create database objects for users, roles, and profiles in the directory (in the tdatSystem).
- See the examples in Mapping Directory Users to Vantage External Roles.
- For information on profiles see Assigning Profiles to Users and see the example in Mapping Directory Users to Vantage Profiles.
- Test the setup. See Testing Directory Authentication and Authorization Setup.
- Evaluate, and if necessary configure, LDAP binding and protection options. See:
- Evaluate, and if necessary, configure directory search options. See Optimizing Directory Searches.
- If multiple directory services access Teradata Vantage, evaluate the need to complete special setup procedures. See:
- Evaluate, and if necessary configure, network security policies in the directory. See Network Security Policy.