17.10 - If All Directory Users Are Unmapped - Advanced SQL Engine - Teradata Database

Teradata Vantage™ - Advanced SQL Engine Security Administration

Product
Advanced SQL Engine
Teradata Database
Release Number
17.10
Published
July 2021
Language
English (United States)
Last Update
2022-02-15
dita:mapPath
ppz1593203596223.ditamap
dita:ditavalPath
wrg1590696035526.ditaval
dita:id
zuy1472246340572

If no directory users are mapped to Teradata Vantage users, you can set the LDAP mechanism AuthorizationSupported property no, to allow directory users with a username that matches a Vantage username to:

  • Log on to the database and be authenticated by the directory
  • Inherit all the database privileges of the matching database user

Unmapped directory users whose user names do not match a database username cannot access the database. The exception is EXTUSER. If a user is assigned to EXTUSER, the user is provided limited database access in the same way that PUBLIC provides limited access to permanent database users. Additionally, if a user is assigned to EXTUSER or assigned to a role or profile, and if auto provisioning is configured on the system, an individual database account will automatically be created for the user.