17.20 - Setting Up Directory Authentication - Analytics Database - Teradata Vantage

Teradata Vantage™ - Analytics Database Security Administration - 17.20

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2023-03-07
dita:mapPath
hjo1628096075471.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
zuy1472246340572
  1. Verify that the database contains a username that matches the username of each directory user that requires access to the database. Create additional database users where required. See Creating Users and Granting Privileges.
  2. Enable external authentication in the database. See External Authentication Controls.
    • For the Vantage nodes with gateway installed, run:
      gtwcontrol -a ON
    • And, on all Vantage nodes, run dbscontrol and enter: m g 26 0
      dbscontrol m g 26 0
  3. Grant external authentication privileges to the matching database users. See External Authentication Requirements.
  4. Configure the LDAP mechanism in the TdgssUserConfigFile.xml using the following property values. Run dumpcfg to view the configuration.
    • MechanismEnabled = “yes” (the default)
    • AuthorizationSupported =”no”
  5. If the properties need to be modified, edit the TdgssUserConfigFile.xml and enable the new configuration on all systems. For database nodes perform the steps in Making Changes to TdgssUserConfigFile.xml on Database Nodes.
  6. Set the LDAP mechanism as the default on all clients that use LDAP authentication, or instruct users to specify the LDAP mechanism in the logon string.
  7. Use the logon format shown for LDAP authentication. See Logging on Using Sign-on As.