TDGSS LdapSystemFQDN Property | Teradata Vantage - LdapSystemFQDN - Analytics Database - Teradata Vantage

Security Administration

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2024-02-29
dita:mapPath
hjo1628096075471.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
zuy1472246340572
lifecycle
latest
Product Category
Teradata Vantage™

The LdapSystemFQDN property identifies the FQDN of the tdatSystem object that is the parent of the structure used for LDAP user authorization. This information helps LDAP locate objects and mappings applicable to the system without making a deep search of the directory.

This value is useful only when the AuthorizationSupported property is set to yes.

Valid Settings

  • “” (default), that is, the property does not specify an object to help the search.
  • The FQDN of a tdatSystem directory object.

For information about the tdatSystem object, see Creating the Top-Level Objects in the DIT.

Editing Guidelines

  • The LdapSystemFQDN property appears by default only in the LDAP mechanism. You must add the LdapSystemFQDN to the TDGSS configuration file and specify a value for any mechanism where AuthorizationSupported=yes, including KRB5 and SPNEGO. See Changing the TDGSS Configuration.
  • You must set a value for the LdapSystemFQDN property in any authentication mechanism that has the AuthorizationSupported property set to yes.
  • If the directory serves one Teradata Vantage system, the LdapSystemFQDN properties configured on that system name the tdatSystem object that represents the system.
  • If the directory serves multiple Vantage systems, the LdapSystemFQDN on each system points to the tdatSystem object that contains the authorization structure for the system. Several database systems can point to the same tdatSystem object if they have identical authorization requirements.
  • If users can log on directly to database systems, each logon must point to the tdatSystem object that contains its authorization structure.