Authentication/Authorization with Zones | Teradata Vantage - Using External Authentication and Authorization with Zones - Analytics Database - Teradata Vantage

Security Administration

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2024-04-05
dita:mapPath
hjo1628096075471.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
zuy1472246340572
lifecycle
latest
Product Category
Teradata Vantage™

You can externally authenticate zone users using LDAP or Kerberos, but you cannot externally authorize zone users. The logon for any externally authorized user that is mapped to a zone user fails.

Zone guests can be externally authenticated and authorized. You can grant zone access to external roles that are mapped to groups in which zone guests are members. For external authorization to access objects within a zone to work, you must grant both of the following:
  • Zone access to the zone guests
  • The required discretionary access control privileges on the zone objects to external roles that are active for the zone guests’ sessions.