Applying an Option Policy to a Directory Principal - Advanced SQL Engine - Teradata Database

Security Administration

Product
Advanced SQL Engine
Teradata Database
Release Number
17.05
17.00
Published
September 2020
Language
English (United States)
Last Update
2021-01-23
dita:mapPath
ied1556235912841.ditamap
dita:ditavalPath
lze1555437562152.ditaval
dita:id
B035-1100
lifecycle
previous
Product Category
Teradata Vantageā„¢

The following examples show how to assign membership in a specified option (has-policy or no-direct-connect) to a directory principal user.

You can specify policy membership for directory principals only if AuthorizationSupported=no for both KRB5 and LDAP.

For example, when using Teradata schema extensions:

dn: cn=no-direct-connect,cn=options,cn=policy1,
 cn=tdatrootP,dc=domain1,dc=com
changetype: modify
add: member
member: uid=dirUser1,cn=principals,dc=domain1,dc=com
-

For example, when using native directory schema, for example:

dn: cn=has-policy,ou=options,ou=policy1,
 ou=tdatrootP,dc=domain1,dc=com
changetype: modify
add: member
member: uid=dirUser1,ou=principals,dc=domain1,dc=com
-