16.10 - Configuring tdatSystem Objects - Teradata Database

Teradata Database Security Administration

prodname
Teradata Database
vrm_release
16.10
created_date
June 2017
category
Administration
Security
featnum
B035-1100-161K

The requirements for tdatSystem objects in the directory varies, depending on the number and configuration of Teradata Database systems:

  • If the directory serves a single Teradata Database system, create a single tdatSystem object, as shown in Example: tdatSystem.
  • If the directory serves multiple database systems:
    • If the systems maintain the same set of users, profiles, roles and IP filters, and maps them to directory users in the same manner, you only need a single tdatSystem object for all systems.
    • If the users, profiles, roles, and IP filters diverge among multiple database systems, then you should create a separate tdatSystem object for each database system.
    • If directory users for multiple Teradata Database systems log on through Unity, Teradata recommends that the LdapSystemFQDN property on all Teradata Database systems and connected Unity servers use the same authorization structure. If all Unity managed systems authenticate to the same directory, they should point to the same tdatSystem object. If they authenticate to different directories, the mappings to child objects for the tdatSystem object in each directory should be the same in all directories. See Teradata Unity Installation, Configuration, and Upgrade Guide for Customers (B035-2523) and Teradata Unity User Guide (B035-2520).