Directory Service Setup in the TdgssUserConfigFile.xml - Analytics Database - Teradata Vantage

Security Administration

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2023-11-02
dita:mapPath
hjo1628096075471.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
zuy1472246340572
lifecycle
latest
Product Category
Teradata Vantage™

The following example shows the configuration of the three directory services in the <LdapConfig> section of the TdgssUserConfigFile.xml

The basic configuration structure required for defining security policies may have already been set up as part of configuring LDAP authentication using multiple directory services. See Configuring LDAP to Use Multiple Directory Services.
<LdapConfig>

    <Tls .../>

    <Services>

        <Service
            Id="hrsvc"
            LdapServerName="_ldap._tcp.hr.domain.com"
            
            LdapServiceFQDN="uid=dbcsvc,ou=services,dc=hr,dc=domain,  dc=com"
            LdapServicePassword="secret"
            .../>

        <Service
            Id="devsvc"
            LdapServerName="_ldap._tcp.dev.domain.com"
           
            LdapServiceFQDN="uid=dbcsvc,ou=services,dc=dev,dc=domain,  dc=com"
            LdapServicePassword="secret"
            .../>

        <Service
            Id="mktsvc"
            LdapServerName="_ldap._tcp.mkt.domain.com"
            
            LdapServiceFQDN="uid=dbcsvc,ou=services,dc=mkt,dc=domain,  dc=com"
            LdapServicePassword="secret"
            .../>

    </Services>

    <Canonicalizations>

        <IdentitySearch
            Ref="hrsvc"
            Match="hr_(.+)"
            Base="dc=hr,dc=domain,dc=com"
            Filter="(uid=${1})"
            Scope="subtree"
            DatabaseName="${1}"/>

        <IdentitySearch
            Ref="devsvc"
            Match="dev_(.+)"
            Base="dc=dev,dc=domain,dc=com"
            Filter="(uid=${1})"
            Scope="subtree"
            DatabaseName="${1}"/>

        <IdentitySearch
            Ref="mktsvc"
            Match="mkt_(.+)"
            Base="dc=mkt,dc=domain,dc=com"
            Filter="(uid=${1})"
            Scope="subtree"
            DatabaseName="${1}"/>

    </Canonicalizations>

</LdapConfig>