17.10 - Applying Confidentiality QOP Policy to Directory Principals - Advanced SQL Engine - Teradata Database

Teradata Vantage™ - Advanced SQL Engine Security Administration

Product
Advanced SQL Engine
Teradata Database
Release Number
17.10
Published
July 2021
Language
English (United States)
Last Update
2022-02-15
dita:mapPath
ppz1593203596223.ditamap
dita:ditavalPath
wrg1590696035526.ditaval
dita:id
zuy1472246340572

You can specify a directory principal DN for an LDAP user not mapped to a Teradata user object.

You can specify policy membership for directory principals only if AuthorizationSupported=no for both KRB5 and LDAP.

When using Teradata schema extensions:

dn: cn=default,cn=conf-qops,cn=policy1,cn=tdatrootP,dc=domain1,dc=com
changetype: modify
add: member
member: uid=jdoe,ou=principals,dc=domain1,dc=com
-

When using native directory schema:

dn: cn=default,ou=conf-qops,ou=policy1,ou=tdatrootP,dc=domain1,dc=com
changetype: modify
add: member
member: uid=jdoe,ou=principals,dc=domain1,dc=com
-