The following examples show how to assign membership in a specified option (has-policy or no-direct-connect) to a directory principal user.
You can specify policy membership for directory principals only if AuthorizationSupported=no for both KRB5 and LDAP.
For example, when using Teradata schema extensions:
dn: cn=no-direct-connect,cn=options,cn=policy1, cn=tdatrootP,dc=domain1,dc=com changetype: modify add: member member: uid=dirUser1,cn=principals,dc=domain1,dc=com -
For example, when using native directory schema, for example:
dn: cn=has-policy,ou=options,ou=policy1, ou=tdatrootP,dc=domain1,dc=com changetype: modify add: member member: uid=dirUser1,ou=principals,dc=domain1,dc=com -