Assign Role Based on LDAP Group Membership Example | Teradata Viewpoint - 17.10 - Example: Assigning a Teradata Viewpoint Role Based on LDAP Group Membership - Teradata Viewpoint - Teradata Workload Management

Teradata® Viewpoint User Guide

Product
Teradata Viewpoint
Teradata Workload Management
Release Number
17.10
Release Date
October 2021
Content Type
User Guide
Publication ID
B035-2206-101K
Language
English (United States)

In the following example, LDAP Value represents the distinguished name (DN) of a group. When Type is Group, the Group Attribute Name field is used for mapping and represents the group attribute where the user DN is stored.

This example assigns users to a Teradata Viewpoint role based on membership in an LDAP group with the following structure:

dn: cn=DBAs,ou=Groups,dc=teradata,dc=com
uniqueMember: cn=User2,ou=Users,dc=teradata,dc=com

To map User2 to the Teradata Viewpoint role Administrator, create the following role mapping:

  1. Type ou=Groups,dc=teradata,dc=com in the Group Search Base field.
  2. Type uniqueMember in the Group Attribute Name field.
  3. Set Type to Group.
  4. Type the LDAP Value cn=DBAs,ou=Groups,dc=teradata,dc=com.
  5. Set Viewpoint Role to Administrator.