Teiid uses JAAS based login modules for authentication and authorization. Beyond that, like adding, modifying and removing users and roles are outside the scope of JAAS and depends on the specific login methods. It also depends on what interface you want develop to use to do this activity. For example, you may have web based program, that is directly communicates with LDAP to do tasks directly. Teiid is primary accessed through JDBC and ODBC, they do not have any such facilities.