Logon authentication
- Local authentication
- Netezza Performance Server administrators define the database users and their passwords by using the CREATE USER command or through the Netezza Performance Server administrative interfaces. In local authentication, you use the Netezza Performance Server system to manage database accounts and passwords, and to add and remove database users from the system. This method is the default authentication method.
- LDAP authentication
- You can use an LDAP name server to authenticate database users and manage passwords and database account activations and deactivations. The Netezza Performance Server system then uses a Pluggable Authentication Module (PAM) to authenticate users on the LDAP name server. Microsoft Active Directory conforms to the LDAP protocol, so it can be treated like an LDAP server for the purposes of LDAP authentication.
- Kerberos authentication
- You can use a Kerberos distribution server to authenticate database users and manage passwords and database account activations and deactivations.
Authentication is a system-wide setting; that is, your users must be either locally authenticated or authenticated by using the LDAP or Kerberos method. If you choose LDAP or Kerberos authentication, you can create users with local authentication on a per-user basis. You cannot use LDAP and Kerberos at the same time to authenticate users. Netezza Performance Server host supports LDAP or Kerberos authentication for database user logins only, not for operating system logins on the host.