TDGSS LdapGroupBaseFQDN Property | Teradata Vantage - 17.20 - LdapGroupBaseFQDN - Analytics Database - Teradata Vantage

Teradata Vantage™ - Analytics Database Security Administration - 17.20

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2023-03-07
dita:mapPath
hjo1628096075471.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
zuy1472246340572

This property helps LDAP narrow the directory search during user authorization, when directory groups are mapped to one or more Teradata Vantage external roles.

For additional information on optimizing directory searches, see Configuring LDAP Properties to Narrow the Search Base.

Valid Settings

  • “” (default), that is, the property does not specify an object to narrow the search.
  • The FQDN of a directory object that contains the group objects that map to Teradata role objects in the directory.

Editing Guidelines

  • This property appears by default in the library configuration file for the LDAP mechanism. You can manually add it to the TDGSS configuration file for other supporting mechanisms, if needed. See Editing Configuration Files.
  • You should specify a value for LdapGroupBaseFQDN if the AuthorizationSupported property for the mechanism is set to yes.
  • For best results, set the value of LdapGroupBaseFQDN to the FQDN of an object one level higher in the directory tree than the highest level group object that maps to Teradata Vantage external role objects.
  • Edit this property on database nodes.