Sample Identity Map for Simple User Names - Advanced SQL Engine - Teradata Database

Security Administration

Product
Advanced SQL Engine
Teradata Database
Release Number
17.05
17.00
Published
September 2020
Language
English (United States)
Last Update
2021-01-23
dita:mapPath
ied1556235912841.ditamap
dita:ditavalPath
lze1555437562152.ditaval
dita:id
B035-1100
lifecycle
previous
Product Category
Teradata Vantage™

You can use the following identity map for any simple username specified in a valid logon, for example, jsmith. You must include domain information sufficient to construct the DN as part of the Pattern attribute, for example:

<Mechanism Name="ldap">
    <MechanismProperties
        ...
        />
    <IdentityMap
      Match="(.*)"
      Pattern="cn=${1},ou=people,dc=div,dc=corp,dc=com"/>
      DatabaseName="svc1_${0}"/>
</Mechanism>
For sites using multiple directory services, where users normally log on using only simple uids, you can use the DatabaseName attribute to affix a string that represents the service to the authcid, to differentiate among possible duplicate usernames that may appear in the various services. Using the value shown in the IdentityMap example:
DatabaseName="svc1_${0}"

subsequent logons using the simple user name jsmith, identify the user as "svc1_jsmith" in the database, where ${0} causes the database to use the entire authcid (jsmith).