1 Reply Latest reply on Nov 18, 2015 12:07 PM by shawkins

    Security/Roles

    virtualdatabase
    virtualdatabase Nov 18, 2015 11:05 AM

      I've come to the understanding that when you implement LDAP/AD security that DV does not leverage the work that has gone into setting up AD roles/groups.

      Why does teiid/DV require duplicity in setting up "Data roles" instead of using groups/roles defined within  LDAP/AD?

      I might be missing something which is why I'm asking this question..

        • 1. Re: Security/Roles
          shawkins
          shawkins Nov 18, 2015 12:07 PM (in response to virtualdatabase)

          > Why does teiid/DV require duplicity in setting up "Data roles" instead of using groups/roles defined within  LDAP/AD?

           

          The primary issue is that you want DV to have a notion of data roles that is independent of the security mechanism so that it has a self-contained way of utilizing roles in the the vdb.  If you switch from ldap to another system or just change a group name, the vdb remains consistent.  All you have to do is change the data role mapping to the new group/role names. 

           

          Or do you mean something else?

            • Actions