Table of Contents

Search

  1. Version 10.1.1
  2. Version 10.1
  3. Version 10.0
  4. Version 9.6.1
  5. Version 9.6.0

Security

This section describes changes to security in version 9.6.1.
Effective in version 9.6.1, the directory where the domain encryption key is stored has changed. The new encryption key directory is
<INFA_HOME>/isp/config/keys
.
Previously, the encryption key directory was
<INFA_HOME>/isp/config/secret
.
Effective in 9.6.1, when you configure the domain to use Kerberos authentication, you can specify whether nodes and services can share service principal names (SPN) and keytab files.
You can select one of the following service principal levels:
Node Level
If the domain is used for testing or development and does not require a high level of security, you can set the service principal at the node level. You can use one SPN and keytab file for the node and all the service processes on the node. When you create additional services on a node, you do not need to create additional keytab files.
Process Level
If the domain is used for production and requires a high level of security, you can set the service principal at the process level. Create a unique SPN and keytab file for each node and each process on the node. The number of SPNs and keytab files required for each node depends on the number of service processes that run on the node.
Previously, the Informatica domain required a unique SPN and keytab file for each node and each process on the node.


Updated April 09, 2019