The Lightweight LDAP Authorization feature allows customers to utilize their existing directory service to authorize Teradata Database users without modifying their directory to include Teradata-specific schema, structures, or entries. Lightweight LDAP Authorizations maps Teradata external roles to existing directory groups.
- Works with LDAPv3 compliant directory servers (LDAP and KRB5).
- No Teradata infrastructure or objects need to be added to the customer's directory server.
- Logon performance is improved in comparison to legacy authorization mechanisms.
- Because Teradata-specific entries are not required in the directory, customers can use directory management tools, such as Microsoft's Management Console snap-ins to manage their directory.
- The Teradata Generic Security Service (Tdgss) configuration file must be edited to support using lightweight authorizations.
For more information, see Teradata Vantage™ NewSQL Engine Security Administration, B035-1100.