16.10 - Applying an Option Policy to a Database Profile - Teradata Database

Teradata Database Security Administration

prodname
Teradata Database
vrm_release
16.10
created_date
June 2017
category
Administration
Security
featnum
B035-1100-161K

When you configure option membership by Teradata Database profile, the corresponding tdatProfile object must already exist in the directory.

Users accessing the database through a middle-tier application are subject to the policies assigned to the application user, instead of policies assigned to them as individuals.

For example, when using Teradata schema extensions, specify a profile member as follows:

dn: cn=has-policy,cn=options,cn=policy1,
 cn=tdatrootP,dc=domain1,dc=com
changetype: modify
add: member
member: cn=profile1,cn=profiles,cn=system1,cn=tdatrootA,dc=domain1,dc=com
-

For example, when using native directory schema, specify a profile member as follows:

dn: cn=no-direct-connect,ou=options,ou=policy1,
 ou=tdatrootP,dc=domain1,dc=com
changetype: modify
add: member
member: cn=profile1,ou=profiles,ou=system1,ou=tdatrootA,dc=domain1,dc=com
-