1 Reply Latest reply on Nov 18, 2015 12:07 PM by Steven Hawkins

    Security/Roles

    virtualdatabase Apprentice

      I've come to the understanding that when you implement LDAP/AD security that DV does not leverage the work that has gone into setting up AD roles/groups.

      Why does teiid/DV require duplicity in setting up "Data roles" instead of using groups/roles defined within  LDAP/AD?

      I might be missing something which is why I'm asking this question..

        • 1. Re: Security/Roles
          Steven Hawkins Master

          > Why does teiid/DV require duplicity in setting up "Data roles" instead of using groups/roles defined within  LDAP/AD?

           

          The primary issue is that you want DV to have a notion of data roles that is independent of the security mechanism so that it has a self-contained way of utilizing roles in the the vdb.  If you switch from ldap to another system or just change a group name, the vdb remains consistent.  All you have to do is change the data role mapping to the new group/role names. 

           

          Or do you mean something else?