Common Content for Data Engineering
- Common Content for Data Engineering 10.5.3
- All Products
UpdateWorkerNode [<-DomainName|-dn> domain_name] [<-NodeName|-nn> node_name] [<-NodeAddress|-na> node_host:port] [<-ServiceManagerPort|-sp> service_manager_port] [<-EnableTLS|-tls> enable_tls] [<-NodeKeystore|-nk> node_keystore_directory] [<-NodeKeystorePass|-nkp> node_keystore_password] [<-NodeTruststore|-nt> node_truststore_directory] [<-NodeTruststorePass|-ntp> node_truststore_password] [<-CipherWhiteList|-cwl> comma_separated_white_list_jsse_cipher_names] [<-CipherBlackList|-cbl> comma_separated_black_list_jsse_cipher_names] [<-CipherWhiteListFile|-cwlf> absolute_filename_containing_comma_separated_white_list_jsse_cipher_names] [<-CipherBlackListFile|-cblf> absolute_filename_containing_comma_separated_black_list_jsse_cipher_names] [<-EnableKerberos|-krb> enable_kerberos] [<-ServiceRealmName|-srn> realm_name_of_node_spn] [<-UserRealmName|-urn> realm_name_of_user_spn] [<-KeysDirectory|-kd> Infa_keys_directory_location] [<-HttpsPort|-hs> admin_tool_https_port] [<-KeystoreFile|-kf> admin_tool_keystore_file_location] [<-KeystorePass|-kp> admin_tool_keystore_password] [<-GatewayAddress|-dg> domain_gateway_host:port] [<-UserName|-un> user_name] [<-SecurityDomain|-sdn> security domain] [<-Password|-pd> password] [<-ServerPort|-sv> server_shutdown_port] [<-resetHostPort|-rst> resetHostPort] [<-SystemLogDirectory|-sld> system_log_directory] [<-EnableSaml|-saml> enable_saml] [<-SamlKeyStoreDir|-skd> saml_keystore_directory] [<-SamlKeyStorePassword|-skp> saml_keystore_password]
Option
| Description
|
---|---|
-DomainName
-dn
| Optional. Name of the domain.
|
-NodeName
-nn
| Optional. Name of the node. Node names must be between 1 and 79 characters and cannot contain spaces or the following characters: \ / * ? < > " |
|
-NodeAddress
-na
| Optional. Host name and port number for the machine hosting the node. Choose an available port number.
|
-ServiceManagerPort
-sp
| Optional. Port number used by the Service Manager to listen for incoming connection requests.
|
-EnableTLS
-tls
| Optional. Configures secure communication among the services in the Informatica domain.
If you use the default SSL certificates provided by Informatica, you do not need to specify the keystore and truststore options. If you do not use the default SSL certificate, you must specify the keystore and truststore options. Valid values are true or false. Default is false. If you specify the -tls option without a value, the Informatica domain uses secure communication among the services.
To enable secure communication for the associated services or web applications, such as Administrator tool, Analyst tool, or Web Services Hub, configure the secure communication separately within the applications.
|
-NodeKeystore-
-nk
| Optional if you use the default SSL certificates from Informatica. Required if you use your SSL certificates. Directory that contains the keystore files. The Informatica domain requires the SSL certificates in PEM format and in Java Keystore (JKS) files. The directory must contain keystore files in PEM and JKS formats.
The keystore files must be named infa_keystore.jks and infa_keystore.pem. If the keystore file that you receive from the certificate authority (CA) has a different name, you must rename it to infa_keystore.jks and infa_keystore.pem.
You must use the same keystore file for all the nodes in the domain.
|
-NodeKeystorePass
-nkp
| Optional if you use the default SSL certificates from Informatica. Required if you use your SSL certificates. Password for the keystore infa_keystore.jks file.
|
-NodeTruststore
-nt
| Optional if you use the default SSL certificates from Informatica. Directory that contains the truststore files. The Informatica domain requires the SSL certificates in PEM format and in Java Keystore (JKS) files. The directory must contain truststore files in PEM and JKS formats.
The truststore files must be named infa_truststore.jks and infa_truststore.pem. If the truststore file that you receive from the certificate authority (CA) has a different name, you must rename it to infa_truststore.jks and infa_truststore.pem.
|
-NodeTruststorePass
-ntp
| Optional if you use the default SSL certificates from Informatica. Required if you use your SSL certificates. Password for the infa_truststore.jks file.
|
-CipherWhiteList
-cwl
| Optional. Comma-separated list of JSSE cipher suites that you want to add to the effective list.
The list must contain at least one valid JRE or OpenSSL cipher suite.
|
-CipherBlackList
-cbl
| Optional. Comma-separated list of JSSE cipher suites that you want to remove from the effective list.
The effective list must contain at least one valid JRE or OpenSSL cipher suite.
|
-CipherWhiteListFile
-cwlf
| Optional. Absolute file name of the plain text file that contains a comma-separated list of cipher suites that you want to add to the effective list.
The list must contain at least one valid JRE or OpenSSL cipher suite.
|
-CipherBlackListFile
-cblf
| Optional. Absolute file name of the plain text file that contains a comma-separated list of cipher suites that you want to remove from the effective list.
The effective list must contain at least one valid JRE or OpenSSL cipher suite.
|
-EnableKerberos
-krb
| Optional. Configures the Informatica domain to use Kerberos authentication. Valid values are true or false. If true, the domain uses Kerberos authentication, and you cannot later change the authentication mode. After you enable Kerberos authentication, you cannot disable it.
Default is false. If you specify the -krb option without a value, the Informatica domain uses Kerberos authentication.
|
-ServiceRealmName
-srn
| Optional. Name of the Kerberos realm that the domain uses to authenticate users. The realm name must be in uppercase and is case-sensitive.
To configure Kerberos cross realm authentication, specify the name of each Kerberos realm that the domain uses to authenticate users, separated by a comma. For example:
COMPANY.COM,EAST.COMPANY.COM,WEST.COMPANY.COM
Use an asterisk as a wildcard character before a realm name to include all realms that include the name. For example, specify the following value to include all realms that include the EAST.COMPANY.COM name:
*EAST.COMPANY.COM
|
-UserRealmName
-urn
| Optional. Name of the Kerberos realm that the domain uses to authenticate users. The realm name must be in uppercase and is case-sensitive.
To configure Kerberos cross realm authentication, specify the name of each Kerberos realm that the domain uses to authenticate users, separated by a comma. For example:
COMPANY.COM,EAST.COMPANY.COM,WEST.COMPANY.COM
Use an asterisk as a wildcard character before a realm name to include all realms that include the name. For example, specify the following value to include all realms that include the EAST.COMPANY.COM name:
*EAST.COMPANY.COM
|
-KeysDirectory
-kd
| Optional. Directory where all keytab files and the encryption key for the Informatica domain are stored. Default is
<InformaticaInstallationDir>/isp/config/keys .
|
-HttpsPort
-hs
| Optional. Port number to secure the connection to the Administrator tool. Set this port number if you want to configure HTTPS for a node.
|
-KeystoreFile
-kf
| Optional. Keystore file that contains the keys and certificates required if you use the SSL security protocol.
|
-KeystorePass
-kp
| Optional. A plain-text password for the keystore file. You can set a password with the -kp option or the environment variable INFA_PASSWORD. If you set a password with both methods, the password set with the -kp option takes precedence.
|
-GatewayAddress
-dg
| Required. Gateway host machine name and port number.
|
-UserName
-un
| Required if the domain uses Native or LDAP authentication. User name to connect to the domain. You can set the user name with the -un option or the environment variable INFA_DEFAULT_DOMAIN_USER. If you set a user name with both methods, the -un option takes precedence.
Optional if the domain uses Kerberos authentication. To run the command with single sign-on, do not set the user name. If you set the user name, the command runs without single sign-on.
|
-SecurityDomain
-sdn
| Name of the security domain that you want to create to which the domain user belongs. You can set a security domain with the -sdn option or the environment variable INFA_DEFAULT_SECURITY_DOMAIN. If you set a security domain name with both methods, the -sdn option takes precedence. The security domain name is case sensitive.
You can specify a value for ‑sdn or use the default based on the authentication mode:
|
-Password
-pd
| Required if you specify the user name. Password for the user name. The password is case sensitive. You can set a password with the -pd option or the environment variable INFA_DEFAULT_DOMAIN_PASSWORD. If you set a password with both methods, the password set with the -pd option takes precedence.
|
-MinProcessPort
-mi
| Required. Minimum port number for application service processes that run on the node.
|
-MaxProcessPort
-ma
| Required. Maximum port number for application service processes that run on the node.
|
-ServerPort
-sv
| Optional. TCP/IP port number used by the Service Manager. The Service Manager listens for shutdown commands from domain components on this port. Set this port number if you have multiple nodes on one machine or if the default port number is in use. Default is the node port number plus one.
|
-BackupDirectory
-bd
| Optional. Directory to store repository backup files. The directory must be accessible by the node.
|
-ErrorLogLevel
-el
| Optional. Severity level for log events in the domain log. Default is info.
|
-ResourceFile
-rf
| Required. File that contains the list of available resources for the node. Use the file, nodeoptions.xml, located in the following location:
<Informatica installation directory>/isp/bin
|
-EnableSaml
-saml
| Optional. Enables or disables SAML authentication in the Informatica domain.
Set this value to true to enable SAML authentication in the Informatica domain. Default is false.
|
-SamlKeyStoreDir
-skd
| Optional. The directory containing the custom keystore file required to use SAML authentication on the gateway node. Specify the directory only, not the full path to the file.
|
-SamlKeyStorePassword
-skp
| Required if you use a custom keystore for SAML authentication. Password to the SAML keystore. *
|
-GatewayAddress
-dg
| Required. Gateway host machine name and port number.
|
-UserName
-un
| Required if the domain uses Native or LDAP authentication. User name to connect to the domain. You can set the user name with the -un option or the environment variable INFA_DEFAULT_DOMAIN_USER. If you set a user name with both methods, the -un option takes precedence.
Optional if the domain uses Kerberos authentication. To run the command with single sign-on, do not set the user name. If you set the user name, the command runs without single sign-on.
|
-SecurityDomain
-sdn
| Name of the security domain that you want to create to which the domain user belongs. You can set a security domain with the -sdn option or the environment variable INFA_DEFAULT_SECURITY_DOMAIN. If you set a security domain name with both methods, the -sdn option takes precedence. The security domain name is case sensitive.
You can specify a value for ‑sdn or use the default based on the authentication mode:
|
-Password
-pd
| Required if you specify the user name. Password for the user name. The password is case sensitive. You can set a password with the -pd option or the environment variable INFA_DEFAULT_DOMAIN_PASSWORD. If you set a password with both methods, the password set with the -pd option takes precedence.
|
-ServerPort
-sv
| Optional. TCP/IP port number used by the Service Manager. The Service Manager listens for shutdown commands from PowerCenter components on this port. Set this port number if you have multiple nodes on one machine or if the default port number is in use.
|
-resetHostPort
-rst
| Required if you specify the NodeAddress or ServiceManager option. Resets the host port number.
|
-SystemLogDirectory
-sld
| Optional. Directory path to store system log files. Default is <INFA_home>/logs.
|
* Note: If you currently run scripts that use this command to enable a custom keystore for SAML authentication, you must update them to include this option.
|