16.10 - Sample Configuration for Multiple Directory Services - Teradata Database

Teradata Database Security Administration

prodname
Teradata Database
vrm_release
16.10
created_date
June 2017
category
Administration
Security
featnum
B035-1100-161K

This example configures an Identity Search for each directory service. Configuring Identity Maps for multiple services is similar.

<LdapConfig>
    <Tls .../>
    <Services>
        <Service Id="svc1" LdapClientMechanism="sasl/digest-md5" .../>
        <Service Id="svc2" LdapClientMechanism="simple".../>
    </Services>
    <Canonicalizations>
        <IdentitySearch
            Ref="svc1"
            Pattern="(.+)@td.teradata.com"
            Base="dc=td,dc=teradata,dc=com"
            Filter="(uid=${1})"
            DatabaseName="svc1_${1}"
            BindName="dn:${result}"/>
        <IdentitySearch
            Ref="svc2"
            Pattern="(.+)@pioneerstd.teradata.com"
            Base="dc=pioneerstd,dc=teradata,dc=com"
            Filter="(uid=${2})"
            DatabaseName="svc2_${1}"/>
    </Canonicalizations>
</LdapConfig>

For a description of the attributes used in an <IdentitySearch> element, see Configuring an Identity Search.