16.10 - Adding a User Mapping - Teradata Unity

Teradata Unity User Guide

Product
Teradata Unity
Release Number
16.10
Published
January 2018
Language
English (United States)
Last Update
2018-03-29
dita:mapPath
anz1496162519675.ditamap
dita:ditavalPath
ft:empty
User mapping rules are made up of an ordered list of filters that map a logon request to a specific routing rule. When you add a user mapping, you define which logon properties are assigned to a routing rule.
When you create a user mapping, the user role or profile you enter must already exist on the Teradata system. Roles and profiles are user-level security controls for the Teradata Database.

Use the wildcard (*) character when entering User, Account, Role, Profile, and Region string values as needed. Use a single wildcard (*), a leading or trailing wildcard (*user or user*), or a leading and trailing wildcard (*user*).

  1. In the Unity Setup portlet, click the Session Routing tab.
  2. Click User Mappings tab.
  3. Click .
  4. Next to User Mappings, click .
  5. In Add User Mapping, complete the following fields:
    Field Description
    Evaluation order Number indicating the ordered ranking of this user mapping in the User Mappings list. Unity checks user logon properties against the prioritized User Mapping list and uses the first mapping that matches. For example, if there are five user mappings, you can enter the number 6 for the least priority or any number between 1 and 5 to increase priority. If you use a number that already exists, the rule currently at that number and those below increase their evaluation order by 1.
    User Teradata username (userid). The user-string can be a complete string (user) or include one or more wildcard (*) characters.
    Account Account string value. The account string can consist of alpha-numeric and wildcard (*) characters.
    Account strings are loaded periodically, every 10 minutes by default, on each system. If there are changes with a user account string, an alert is sent to the Unity administrator. This alert must be manually cleared by the administrator. If this alert persists, it could indicate the user account strings does not match each of the Teradata systems. Administrator should validate the account strings for all users match on all managed systems.
    Role User role for this mapping. The role is an LDAP or Kerberos value and can be a complete string (for example, crmusers) or a wildcard (*) character to include multiple roles.
    Profile Name of the profile associated with the user. Profile only applied for external authentication (LDAP/Kerberos).
    Region Region name from the list or Any Region (*). The Any Region option applies this user mapping to all defined regions.
    Routing rule Routing rule name from the list.
  6. Click Save. The new mapping appears in the User Mappings list.
  7. Click Deploy to deploy the user mapping. Click Revert to Deployed to discard all changes.