Using Sign-on As with Teradata Authorization - Analytics Database - Teradata Vantage

Security Administration

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2023-11-02
dita:mapPath
hjo1628096075471.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
zuy1472246340572
lifecycle
latest
Product Category
Teradata Vantage™
After the external agent authenticates the user, it passes the external user name to the database for authorization, based on the access privileges available to the matching database username.
  • Enable external authentication in the database. See External Authentication Controls.
  • At logon, the user must specify a mechanism that corresponds to the agent that does the authentication, from the following mechanisms:
    • KRB5
    • SPNEGO (not available for ODBC-based applications)
    • LDAP
    Sign-on As using Kerberos authentication (KRB5 or SPNEGO mechanism) is usable only from Windows clients.
  • Set the AuthorizationSupported property for the authenticating mechanism to no.
    This setting ignores any directory mappings that may exist for the user.
  • Ensure that the logon username matches a Teradata Vantage username that has WITH NULL PASSWORD privileges. See External Authentication Requirements.