16.10 - LdapCredentialIsUPN - Teradata Database

Teradata Database Security Administration

prodname
Teradata Database
vrm_release
16.10
created_date
June 2017
category
Administration
Security
featnum
B035-1100-161K

For some logon forms, tells TDGSS how to interpret the portion of the logon string that identifies the user.

For example, for the BTEQ logon:

.logon  system/user,password

If the user specification is in the form “a@b” or a/b” or “a\b”, the setting of LdapCredentialIsUPN tells the system whether to treat the entire user specification as an Authcid or to use the special characters to construct a UPN.

Also see LDAP Logon Format Examples.

Default Property Value

The default value is yes.

Valid Settings

Setting Description
yes (default) The system treats the user specification as a UPN.
no The system interprets the entire user specification as a user Authcid.

Supporting Mechanisms for LdapCredentialIsUPN

Mechanisms that are not listed in the table do not support this property. The Property Editable column indicates if the setting for a property may be edited.
Mechanism Property Editable?
LDAP May Be Edited

Editing Guidelines

  • If the LdapCredentialIsUPN property is absent or set to yes (the default), the system treats the user specification as a UPN, which must conform to the rules of IETF 1964.
    When considered as a UPN, the user specification, as shown in the example in the introductory text for this property (above), must appear in the logon as: “a\@b” or “a\/b” or “a\\b”, where the added backslash (\) character informs the system how to handle the character that follows.
  • If the CredentialIsUPN property is set to no, the system disregards the special characters and considers the entire user specification to be a string representing the user Authcid.