16.10 - Implementing Roles for Directory Authorization of Database Privileges - Teradata Database

Teradata Database Security Administration

Product
Teradata Database
Release Number
16.10
Release Date
June 2017
Content Type
Administration
Security
Publication ID
B035-1100-161K
Language
English (United States)
  1. Create external roles as shown in Creating and Dropping External Roles.
  2. Review directory user management options and select a user provisioning strategy. See Directory Management of Database Users.
  3. Create one or more directory role objects with names that match Teradata Database external roles and map the roles to directory group objects.

    For information, see Provisioning Directory Users with Teradata Schema Extensions or Using Native Directory Schema to Provision Directory Users.

Since roles are assigned by mapping instead of role grants, assignments cannot include WITH ADMIN OPTION.
Additional considerations apply when configuring directory authorization in a Unity environment. See Teradata Unity Installation, Configuration, and Upgrade Guide for Customers (B035-2523) and Teradata Unity User Guide (B035-2520).