Vertica LDAP authentication for AD group membership

I have a question that I can't seem to get a clear answer on from support.

 

Currently we are successfully using Active Directory LDAP authentication to verify a Vertica username and password. We are using Bind and Search and are binding to the directory as a service account. Again, this is working fine.

 

What I would like to do is create an Active Directory global group and drop users into this group, and then not only verify a user's account name and password during authentication, but also whether they are a member of the Vertica AD group that I created.

 

I can find a bunch of documentation on the Vertica site about setting up an OU within Active Directory for Vertica users, but not a group (the two are different). My organization OU structure is already set up and we don't have the flexibility to create a Vertica OU and move existing users to it because it would mess up their existing application access. Support says group searching is possible but they keep pointing me to the document on setting up an OU.

 

Does anyone know if authenticating AD group access is possible from Vertica and if so, do you have any examples? This is possible with many,many,many of our other DBMS software and enterprise software. Thanks!

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file