After being authenticated by the directory, directory-based users are authorized database
access privileges according to the following rules:
If the directory maps users to Teradata Database objects (users, external roles, and
profiles), each directory user is authorized the privileges of the objects to which
it is mapped.
If the directory does not map users to Teradata Database objects, but the directory
username matches a Teradata Database username, the directory user is authorized all
the privileges belonging to the matching Teradata Database user.
If a directory user is neither mapped to any database objects, nor does the directory
username match a Teradata Database username, the directory user has no privileges
to access the database.
Note: One or more setup tasks (depending on implementation) must be completed before a directory
user can access the database. For information, see Security Administration.