Please take this survey to help us learn more about how you use third party tools. Your input is greatly appreciated!

Vertica LDAP AUTHENTICATION

SK21SK21
edited June 21 in General Discussion

I have recently configured LDAP in POC and soon moving to production.
dbadmin=> create user "skumar01";
CREATE USER
dbadmin=> GRANT AUTHENTICATION LDAP1 to "skumar01";
GRANT AUTHENTICATION
[[email protected] ~]$ vsql -U "skumar01" -h 10.42.00,109 -w 'Password' -c "select user_name, client_authentication_name from sessions";
user_name | client_authentication_name
---------------+----------------------------
skumar01 | LDAP1

Now i am moving it in prod but i have a situation-

a) In Production my vertica db username is sk25243 but my ldap username is skumar01.
Is there any way to grant ldap authentication to sk25243 without changing my username.
Offcourse the other way would be to RENAME sk25243 TO new-user-name( skumar01)ie my LDAP username.

Answers

  • SergeBSergeB Employee

    Short answer is no. When authenticating via LDAP, your Vertica user name has to match an LDAP username (cn or email other attribute).

  • SruthiASruthiA Employee

    @SK21 : It is not possible

  • Thanks @SergeB and @SruthiA .....great to hear from you guys after a while.

    Sahil

  • @serge @SruthiA one more question create users parameters like memory cap and runtime cap cannot be applied to users directly
    during replication in vertica from ldap?

    They should be done manually afterwards?

  • SergeBSergeB Employee

    @SK21 Yes, if you want to change the profile of a user you are replicating from LDAP (via LPAPLink), you will need to use ALTER afterwards.

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file

Can't find what you're looking for? Search the Vertica Documentation, Knowledge Base, or Blog for more information.