17.20 - Implementation Process for Directory-Based IP Restrictions - Analytics Database - Teradata Vantage

Teradata Vantage™ - Analytics Database Security Administration - 17.20

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2023-03-07
dita:mapPath
hjo1628096075471.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
zuy1472246340572
  1. Review the concepts in Designing Directory-Based IP Restrictions.
  2. Review the Standard Teradata Schema Objects in IP Restrictions, Special IP Filter Schema Objects in IP Restrictions, and Working with IP Filter Attributes that you must use to define directory-based IP restrictions.
  3. Create IP filter containers and IP filter objects in the directory, listing the database users (tdatUser objects) that are affected in the tdatIPFilterMember attributes for each filter. See Creating IP Filters Containers and Inserting IP Filters.
    Directory-based IP restrictions initially apply only to tdatUser objects, which are directory representations of users defined in the database. To apply IP restrictions to directory users, you must map the directory users to the tdatUser objects affected by the filters. See Applying IPFilters to Directory Users.
  4. Save the IP restriction-related objects and mappings in the directory.
  5. Test the restrictions. See Testing Directory-Based IP Restrictions.
  6. After you complete testing and any necessary revisions, implement the restrictions in the database GDO. See Enabling Directory-Based IP Restrictions with the ipdir2bin Utility.
  7. Use tpareset to restart the database to enable the directory-based restrictions.
    You only need to restart the database for the initial implementation of IP restrictions. Subsequent changes to the restrictions do not require a restart.