16.10 - Configuring System Objects - Teradata Database

Teradata Database Security Administration

Product
Teradata Database
Release Number
16.10
Release Date
June 2017
Content Type
Administration
Security
Publication ID
B035-1100-161K
Language
English (United States)

The requirements for System objects in the directory varies, depending on the configuration of Teradata Database systems:

  • If the directory serves a single Teradata Database system, create a single System object.
  • If the directory serves multiple database systems:
    • If all systems maintain the same set of users, profiles, roles and IP filters, and they are mapped to directory users in the same manner, you only need a single System object for all systems.
    • If the users, profiles, roles, and IP filters diverge among database systems, then you should create a separate System object for each database system.
    • If directory users for multiple Teradata Database systems log on through Unity, Teradata recommends that the LdapSystemFQDN property on all Teradata Database systems and connected Unity servers use the same authorization structure. If all Unity managed systems authenticate to the same directory, they should point to the same tdatSystem object. If they authenticate to different directories, the mappings to child objects for the tdatSystem object in each directory should be the same in all directories. See Teradata Unity Installation, Configuration, and Upgrade Guide for Customers (B035-2523) and Teradata Unity User Guide (B035-2520).