Comparing User Identification Options - Advanced SQL Engine - Teradata Database

Security Administration
Product
Advanced SQL Engine
Teradata Database
Release Number
17.05
17.00
Published
September 2020
Language
English (United States)
Last Update
2021-01-23
dita:mapPath
ied1556235912841.ditamap
dita:ditavalPath
lze1555437562152.ditaval
dita:id
B035-1100
lifecycle
previous
Product Category
Teradata Vantageā„¢
You can configure user identification options to:
  • Increase the directory efficiency of binding the simple username to the DN.
  • Provide a link between the simple username and the DN in directories where the link does not exist, to allow directory users to logon with a simple username.
Identification Option Description
Using Identity Mapping An identity map defines a pattern and a rule that identifies the structure of the DN and how it relates to the simple user name.
Identity maps:
  • Are easier to configure
  • Do not require a service bind
  • Are useful if the map can construct the user DN with only the information in the simple username, which is sometimes not possible.
Using Identity Searches An identity search describes search criteria that LDAP uses to locate the user in the directory, and also allows you to specify the search scope and a filter, for a more precise search.
Identity searches:
  • Require a more complex configuration than identity maps
  • Can find any user regardless of its location in the directory
  • Require a service bind, which you must configure
  • Are useful when the directory does not have a strict hierarchical structure

You can configure both identification options concurrently, if needed. See Using Multiple IdentityMap and IdentitySearch Elements in Combination.