Does anyone know if it's possible to synchronize Netezza User Groups with Microsoft Active Directory (AD) groups?
My client's Netezza appliances already require a user to connect using their network uid and pw via a connection to the LDAP server. But they would like to use AD Groups across various data platforms. Right now, they have to maintain an AD Group for a particular data set and a corresponding Netezza User Group for the same on the Netezza platform. Is there a way to synchronize the two so two separate groups don't need to be maintained?
That is certainly possible We have developed a script that export two CSV files from active directory 1) The first file contains a list of all the groups that corresponds to a specific naming convention (begins with G_NZ) 2) The second file contains a list of every user in each of these groups with the group name next to the user name 3) Based on other portions of the naming conventions of these groups the script grant them specific rights in specific data bases and schema corresponding to a similar naming convention 4) The last step is to create all the users from the file and delete those no longer in the file and add those users to the right groups
An example: A database called PROD_EDW has a schema named DBO and the group G_NZ_PROD_DBO_R gives read access to all Objects and that schema
I hope you can follow