16.10 - Using LDAP Directory Objects in Policies - Teradata Database

Teradata Database Security Administration

Product
Teradata Database
Release Number
16.10
Release Date
June 2017
Content Type
Administration
Security
Publication ID
B035-1100-161K
Language
English (United States)

You can assign a security policy to Teradata user and profile objects in the directory.

Some Teradata user and profile objects may already exist in the directory as a result of configuring LDAP authorization, as shown in the following diagram.



Teradata users and profiles must exist in the directory before you can assign security policies to them.

In a multiple database environment, where users log on through Unity, a single tdatSystem object, related authorization structure, and set of security policies applies to all directory users.

In cases where directory users can log on through Unity or directly to the database, Teradata recommends a single authorization structure for all logons, but it is not required.

For information on creating profile and user objects, see Provisioning Directory Users with Teradata Schema Extensions or Using Native Directory Schema to Provision Directory Users.