Implementing Roles for Directory Authorization of Database Privileges - Advanced SQL Engine

Implementing Roles for Directory Authorization of Database Privileges - Advanced SQL Engine - Teradata Database

Security Administration

Product

Advanced SQL Engine

Teradata Database

Release Number

17.05

17.00

Published

September 2020

Language

English (United States)

Last Update

2021-01-23

dita:mapPath

ied1556235912841.ditamap

dita:ditavalPath

lze1555437562152.ditaval

dita:id

B035-1100

lifecycle

Product Category

Teradata Vantage™

Create external roles as shown in Creating and Dropping External Roles.
Review directory user management options and select a user provisioning strategy. See Directory Management of Database Users.
Create one or more directory role objects with names that match Teradata Vantage external roles and map the roles to directory group objects.
For information, see Provisioning Directory Users with Teradata Schema Extensions or Using Native Directory Schema to Provision Directory Users.

Since roles are assigned by mapping instead of role grants, assignments cannot include WITH ADMIN OPTION.

Additional considerations apply when configuring directory authorization in a Unity environment. See Teradata® Unity™ Installation, Configuration, and Upgrade Guide for Customers, B035-2523 and Teradata® Unity™ User Guide, B035-2520.