17.20 - Comparing User Identification Options - Analytics Database - Teradata Vantage

Teradata Vantage™ - Analytics Database Security Administration - 17.20

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2023-03-07
dita:mapPath
hjo1628096075471.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
zuy1472246340572
You can configure user identification options to:
  • Increase the directory efficiency of binding the simple username to the DN.
  • Provide a link between the simple username and the DN in directories where the link does not exist, to allow directory users to logon with a simple username.
Identification Option Description
Using Identity Mapping An identity map defines a pattern and a rule that identifies the structure of the DN and how it relates to the simple user name.
Identity maps:
  • Are easier to configure
  • Do not require a service bind
  • Are useful if the map can construct the user DN with only the information in the simple username, which is sometimes not possible.
Using Identity Searches An identity search describes search criteria that LDAP uses to locate the user in the directory, and also allows you to specify the search scope and a filter, for a more precise search.
Identity searches:
  • Require a more complex configuration than identity maps
  • Can find any user regardless of its location in the directory
  • Require a service bind, which you must configure
  • Are useful when the directory does not have a strict hierarchical structure

You can configure both identification options concurrently, if needed. See Using Multiple IdentityMap and IdentitySearch Elements in Combination.