17.10 - If All Directory Users Are Unmapped - Advanced SQL Engine - Teradata Database

Teradata Vantage™ - Advanced SQL Engine Security Administration

Advanced SQL Engine
Teradata Database
Release Number
Release Date
July 2021
Content Type
Publication ID
English (United States)

If no directory users are mapped to Teradata Vantage users, you can set the LDAP mechanism AuthorizationSupported property no, to allow directory users with a username that matches a Vantage username to:

  • Log on to the database and be authenticated by the directory
  • Inherit all the database privileges of the matching database user

Unmapped directory users whose user names do not match a database username cannot access the database. The exception is EXTUSER. If a user is assigned to EXTUSER, the user is provided limited database access in the same way that PUBLIC provides limited access to permanent database users. Additionally, if a user is assigned to EXTUSER or assigned to a role or profile, and if auto provisioning is configured on the system, an individual database account will automatically be created for the user.