If no directory users are mapped to Teradata Database users, you can set the LDAP mechanism AuthorizationSupported property no, to allow directory users with a username that matches a Teradata Database username to:
- Log on to the database and be authenticated by the directory
- Inherit all the database privileges of the matching database user
Unmapped directory users whose user names do not match a database username cannot access the database. The exception is EXTUSER. If a user is assigned to EXTUSER, the user is provided limited database access in the same way that PUBLIC provides limited access to permanent database users. Additionally, if a user is assigned to EXTUSER or assigned to a role or profile, and if auto provisioning is configured on the system, an individual database account will automatically be created for the user.