16.10 - If All Directory Users Are Unmapped - Teradata Database

Teradata Database Security Administration

Teradata Database
Release Number
Release Date
June 2017
Content Type
Publication ID
English (United States)

If no directory users are mapped to Teradata Database users, you can set the LDAP mechanism AuthorizationSupported property no, to allow directory users with a username that matches a Teradata Database username to:

  • Log on to the database and be authenticated by the directory
  • Inherit all the database privileges of the matching database user

Unmapped directory users whose user names do not match a database username cannot access the database. The exception is EXTUSER. If a user is assigned to EXTUSER, the user is provided limited database access in the same way that PUBLIC provides limited access to permanent database users. Additionally, if a user is assigned to EXTUSER or assigned to a role or profile, and if auto provisioning is configured on the system, an individual database account will automatically be created for the user.