- Manually entered without LDAP authentication
- Manually entered with LDAP authentication
- Auto-provisioned with LDAP authentication
When users are auto-provisioned, the administrator does not need to enter their account into Teradata Viewpoint. LDAP validation works in conjunction with the Externally Authenticated? flag on the Add User and Modify User dialog boxes in the User Manager portlet. If the Externally Authenticated? check box is selected, the user is authenticated through LDAP when logging in. The Externally Authenticated? check box is automatically selected when a user is created using auto-provisioning. The first time these users log in to Teradata Viewpoint, they are validated against the LDAP directory. If their credentials are valid, a Teradata Viewpoint account is created for them.
- Add and delete an LDAP configuration in Teradata Viewpoint
- Enable and disable the LDAP after it has been added
- Use the auto-provisioning feature to automatically add users to Teradata Viewpoint on first login
- Use the role mapping feature to position the new user in Teradata Viewpoint
- A basic understanding of LDAP
- The URL of the LDAP server, for example, ldap://ldap.acme.com:389
- The username and password of a user or availability of that user to test the configuration
- Lightweight Directory Access Protocol (LDAP)
- Technically an application-protocol, LDAP is frequently used to refer to a directory server such as Microsoft Active Directory or OpenLDAP.
- LDAP Data Interchange Format (LDIF)
- A standard, plain-text data interchange format for representing LDAP directory content and update requests.
- Distinguished Name (DN)
- The full "path" to a user-entry in LDAP. Every user DN is, by definition, unique. The DN consists of its Relative Distinguished Name (RDN) constructed from some attributes in the entry, followed by the parent entry DN. Think of the DN as a full file name and the RDN as a relative filename in a folder. In the following example, the DN is the entire string.
- Relatively Distinguished Name (RDN)
- The part of a DN that distinguishes an entry from others at the same level in the tree.
- Common Name (CN)
- An attribute of a user-entry that is typically part of the user DN and very often, but not always, the same value as the user corporate username. In the following example, the CN is joec.
- Used for LDAP authentication, binding is an LDAP operation that authenticates a username and a password.
- Service Account
- An LDAP service account is an account (username and password) not associated with a user, but existing for the purposes of binding to LDAP to perform a search of the directory. Typically, a service account is required when the DN of an authenticating-user is unknown, and an LDAP search (based on some other attribute of the user-entry such as sAMAccountName) must first be performed to determine the user DN. After the user DN has been determined, a normal bind using the user DN and password is run.
- Viewpoint Authenticator
- Also referred to simply as the Authenticator, this component of Teradata Viewpoint runs the authentication process against LDAP, among other actions.