17.20 - Use Case for Combined IdentityMap and IdentitySearch - Analytics Database - Teradata Vantage

Teradata Vantage™ - Analytics Database Security Administration - 17.20

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2023-03-07
dita:mapPath
hjo1628096075471.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
zuy1472246340572

A common use of an identity map with an identity search is when you employ a directory with two trees. In this scenario, each tree defines only a subset of all users, but either tree can authenticate any user. Suppose that:

You have two trees in your directory:

  • Tree A, named dc=div,dc=corp,dc=com and is in Windows domain DIV.
  • Tree B, named dc=newyork,dc=corp,dc=com and is in Windows domain NEWYORK.

You want to allow any of several username formats in logons:

  • UPN, for example, cc444555@div.com
  • The user DN, for example, cn=cc444555,ou=users,dc=newyork,dc=corp,dc=com

You also want to allow users to logon without the domain name, so that the directory can authenticate the following usernames, which require the directory to use the DIV tree:

  • cc444555
  • div\cc444555
  • cc444555@div.corp.com
  • newyork\cc444555
  • cc444555@newyork.corp.com