Create the Data Privacy Management Service

Use the service creation wizard in the Administrator tool to create the service.
Before you create the Data Privacy Management Service, verify that you have created and enabled the following service:

    Catalog Service

  1. In the Administrator tool, click the Manage tab, and click Services and Nodes.
  2. Click Actions > New > Data Privacy Management Service.
    The New Data Privacy Management Service dialog box appears.
  3. On the New Data Privacy Management Service - Step 1 of 4 page, enter the following properties:

    Property
        Description
    Name
        Name of the service. The name is not case sensitive and must be unique within the domain. It cannot exceed 128 characters or begin with @. It also cannot contain spaces or the following special characters:
        ` ~ % ^ * + = { } \ ; : ' " / ? . , < > | ! ( ) ] [
    Description
        Description of the service. The description cannot exceed 765 characters.
    Location
        Domain and folder where the service is created. Click Browse to choose a different folder. You can move the service after you create it.
    License
        License object that allows use of the service.
    Node
        Node on which the service runs.
    Backup Nodes
        If your license includes high availability, nodes on which the service can run if the primary node is unavailable.

  4. Click Next.
    The New Data Privacy Management Service - Step 2 of 4 page appears.
  5. Enter the following properties for the Data Privacy Management repository database:

    Property
        Description
    Database Type
        The type of the repository database.
    Username
        The database user name for the repository.
    Password
        Repository database password for the database user.
    Schema
        Available for Microsoft SQL Server. Name of the schema that will contain Data Privacy Management repository tables.
    Tablespace
        Available for IBM DB2. Name of the tablespace in which to create the tables. For a multi-partition IBM DB2 database, the tablespace must span a single node and a single partition.

  6. Enter the JDBC connection string that the service uses to connect to the Data Privacy Management repository database.
    Use the following syntax for the connection string for the selected database type:

    Database Type
        Connection String Syntax
    IBM DB2
        jdbc:informatica:db2://<host name>:<port number>;DatabaseName=<database name>;BatchPerformanceWorkaround=true;DynamicSections=3000
    Microsoft SQL Server
        • Microsoft SQL Server that uses the default instance
          jdbc:informatica:sqlserver://<host name>:<port number>;DatabaseName=<database name>;SnapshotSerializable=true
        • Microsoft SQL Server that uses a named instance
          jdbc:informatica:sqlserver://<host name>\<named instance name>;DatabaseName=<database name>;SnapshotSerializable=true
        • Azure SQL Server
          jdbc:informatica:sqlserver://<host name>:<port number>;DatabaseName=<database name>;SnapshotSerializable=true;EncryptionMethod=SSL;HostNameInCertificate=*.<hostnameincertificate>;ValidateServerCertificate=true
    Oracle
        jdbc:informatica:oracle://<host name>:<port number>;SID=<database name>;MaxPooledStatements=20;CatalogOptions=0;BatchPerformanceWorkaround=true
    PostgreSQL
        jdbc:informatica:postgresql://<host name>:<port number>;DatabaseName=

  7. If the Data Privacy Management repository database is secured with the SSL protocol, you must enter the secure database parameters in the Secure JDBC Parameters field.
    Enter the parameters as name=value pairs separated by semicolon characters (;). For example:
    param1=value1;param2=value2
    Enter the following secure database parameters:

    Secure Database Parameter
        Description
    EncryptionMethod
        Required. Indicates whether data is encrypted when transmitted over the network. This parameter must be set to SSL.
    ValidateServerCertificate
        Optional. Indicates whether Informatica validates the certificate that the database server sends.
        If this parameter is set to True, Informatica validates the certificate that the database server sends. If you specify the HostNameInCertificate parameter, Informatica also validates the host name in the certificate.
        If this parameter is set to False, Informatica does not validate the certificate that the database server sends. Informatica ignores any truststore information that you specify.
    HostNameInCertificate
        Optional. Host name of the machine that hosts the secure database. If you specify a host name, Informatica validates the host name included in the connection string against the host name in the SSL certificate.
    cryptoProtocolVersion
        Required. Specifies the cryptographic protocol to use to connect to a secure database. You can set the parameter to cryptoProtocolVersion=TLSv1.1 or cryptoProtocolVersion=TLSv1.2 based on the cryptographic protocol used by the database server.
    TrustStore
        Required. Path and file name of the truststore file that contains the SSL certificate for the database.
        If you do not include the path for the truststore file, Informatica looks for the file in the following default directory:
        <Informatica installation directory>/tomcat/bin
    TrustStorePassword
        Required. Password for the truststore file for the secure database.

    Informatica appends the secure JDBC parameters to the JDBC connection string. If you include the secure JDBC parameters directly in the connection string, do not enter any parameter in the Secure JDBC Parameters field.
  8. Click Test Connection to verify that you can connect to the database.
  9. Select No content exists under specified connection string. Create new content.
  10. Click Next.
    The New Data Privacy Management Service - Step 3 of 4 page appears.
  11. Required. Enter the name of the associated Catalog Service.
  12. Optional. Enter the name of the associated Test Data Manager Service.
  13. Enter the Catalog Service user name and password.
  14. Click Next.
    The New Data Privacy Management Service - Step 4 of 4 page appears.
  15. Configure the security properties in the dialog box.
    The following table describes the properties:

    Property
        Description
    HTTP Port
        A unique HTTP port number used for each service process. The default is 6200.
    Enable Secure Communication
        Use a secure connection to connect to the Data Privacy Management Service. If you enable secure communication, you must set all required HTTPS properties, including the keystore and truststore properties.
    HTTPS Port
        Port number for the HTTPS connection.
    Keystore File
        Path and file name of the keystore file. The keystore file contains the keys and certificates required if you use the SSL security protocol with Data Privacy Management.
        When the domain creates the Data Privacy Management Service, Data Privacy Management exports the keystore to a certificate and stores the certificate in the keystore directory. Ensure that you configure the read and write permissions on the directory for Data Privacy Management to successfully store the certificate.
    Keystore Password
        Password for the keystore file. Required if you select Enable Transport layer Security.

    You must enable secure communication and enter the HTTPS port and keystore file. The Data Privacy Management Service does not start if you do not configure the properties.
  16. Click Finish.
    The domain creates the Data Privacy Management Service, creates content for the Data Privacy Management repository in the specified database, and enables the service.
    After you create the service through the wizard, you can edit the properties or configure other properties.
  17. If you enabled User Activity monitoring during installation, update the service to set the User Activity properties. Click Edit on the User Activity Configuration tab and enter the following properties:

    Property
        Description
    Enable User Activity
        When enabled, starts the system jobs required for user activity data streaming to Data Privacy Management. Default is False.
        If you enable User Activity during installation and then update the field to False, the Data Privacy Management system jobs stop.
    Event Details Retention Period (In Days)
        Required. Determines the number of days to retain user activity details and anomalies in the user activity store. The Data Privacy Management Service runs a daily retention job that purges expired data from the user activity store.
    Event File Shared Location
        The mount location where you want to store streamed user activity event messages.
        The mount location must be accessible to the domain machine and all cluster machines. The path to the mount location must be the same on all machines, and the domain user must have Read, Write, and Execute permissions on it on all machines.
        ElasticSearch with TLS enabled takes more time to persist events compared to ElasticSearch without TLS. You might notice a difference in performance.

When you update the Data Privacy Management Service properties, you must restart the Data Privacy Management Service for the modifications to take effect.
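
Added example, not part of the Informatica documentation: a pre-check for the Secure JDBC Parameters string from step 7 that reports missing required parameters, disabled certificate validation, and secure parameters that are already present in the connection string. The function names, case-insensitive name matching, and all sample values are assumptions made for this example.

```python
# Added example: lint for the Secure JDBC Parameters field (not Informatica code).
REQUIRED = ("EncryptionMethod", "cryptoProtocolVersion", "TrustStore", "TrustStorePassword")
SECURE = {n.lower() for n in REQUIRED} | {"validateservercertificate", "hostnameincertificate"}
PROTOCOLS = ("TLSv1.1", "TLSv1.2")  # the two values the page lists

def parse_params(text):
    """Parse 'name=value;name=value' into (lowercased name, value) pairs."""
    pairs = []
    for item in filter(None, (part.strip() for part in text.split(";"))):
        name, sep, value = item.partition("=")
        if not sep or not name.strip():
            raise ValueError("not a name=value pair: " + name.strip())
        pairs.append((name.strip().lower(), value.strip()))  # assumption: names are case-insensitive
    return pairs

def check_secure_params(field, connection_string=""):
    """Return a list of findings. Parameter values are never echoed."""
    pairs = parse_params(field)
    params = dict(pairs)
    findings = []
    if len(params) != len(pairs):
        findings.append("a parameter is repeated")
    for name in REQUIRED:
        if not params.get(name.lower()):
            findings.append("missing required parameter: " + name)
    enc = params.get("encryptionmethod")
    if enc and enc.upper() != "SSL":
        findings.append("EncryptionMethod must be SSL")
    proto = params.get("cryptoprotocolversion")
    if proto and proto not in PROTOCOLS:
        findings.append("cryptoProtocolVersion must be TLSv1.1 or TLSv1.2")
    validate = params.get("validateservercertificate", "").lower()
    if validate == "false":
        findings.append("ValidateServerCertificate=False: certificate not validated, truststore ignored")
    elif validate != "true":
        findings.append("ValidateServerCertificate is not set to True")
    elif not params.get("hostnameincertificate"):
        findings.append("HostNameInCertificate not set: host name in certificate not validated")
    # Options in the connection string follow the first ';' after host and port.
    inline = {name for name, _ in parse_params(connection_string.partition(";")[2])}
    if params and inline & SECURE:
        findings.append("secure parameters are in the connection string: leave the field empty")
    return findings

# Constructed sample values, not taken from the page.
GOOD = ("EncryptionMethod=SSL;ValidateServerCertificate=True;HostNameInCertificate=db.example.internal;"
        "cryptoProtocolVersion=TLSv1.2;TrustStore=/opt/certs/dpm_truststore;TrustStorePassword=<placeholder>")
WEAK = "EncryptionMethod=SSL;ValidateServerCertificate=False;cryptoProtocolVersion=TLSv1.2"
CONN = "jdbc:informatica:sqlserver://db.example.internal:1433;DatabaseName=dpm;EncryptionMethod=SSL"
```

TLS 1.1 was formally deprecated by RFC 8996, so prefer cryptoProtocolVersion=TLSv1.2 when the database server supports it.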
