Table of Contents

Search

  1. Installation Overview
  2. Before You Install the Services
  3. Service Installation
  4. After You Install the Services
  5. Client Installation
  6. Uninstallation
  7. Starting and Stopping Informatica Services
  8. Connecting to Databases from Windows
  9. Connecting to Databases from UNIX
  10. Updating the DynamicSections Parameter of a DB2 Database
  11. Installation and Configuration Checklist
  12. Split Domain Configuration for Metadata Manager

Installation and Configuration Guide

Installation and Configuration Guide

Joining a Domain

Joining a Domain

You can join a domain if you are installing on multiple machines and you have created a domain on another machine.
  1. Log in to the machine with a system user account.
  2. Close all other applications.
  3. On a shell command line, run the install.sh file from the root directory.
    The installer displays the message to verify that the locale environment variables are set.
  4. If the environment variables are not set, press
    n
    to exit the installer and set them as required.
    If the environment variables are set, press
    y
    to continue.
  5. Press
    1
    to install or upgrade Informatica.
    Informatica provides utilities to facilitate the Informatica services installation process. Run the following utilities before you install Informatica services:
    • Pre-Installation (i10Pi) System Check Tool. Verifies whether the machine on which you are installing Informatica services meets the system requirements for installation.
      For more information about running the Pre-Installation (i10Pi) System Check Tool, see Run the Pre-Installation (i10Pi) System Check Tool.
    • Informatica Kerberos SPN Format Generator. Creates a list of the Kerberos service principal names and keytab file names required to run Informatica services on a network with Kerberos authentication.
      For more information about running the Informatica Kerberos SPN Format Generator, see Running the Informatica Kerberos SPN Format Generator on Windows.
    If you run the i10Pi System Check tool, you can run the Informatica Kerberos SPN Format Generator or run the Informatica services installation.
    After you run the Informatica Kerberos SPN Format Generator, you can continue with the Informatica services installation. You cannot run the i10Pi System Check tool after you run the Informatica Kerberos SPN Format Generator.
  6. Press
    3
    to run the Informatica services installation.
  7. Press
    1
    to install Informatica services.
    The installer displays different options based on the platform you are installing on.
  8. If you are installing on Linux, perform the following steps:
    1. Read the terms and conditions for Informatica installation and the product usage toolkit and select
      I agree to the terms and conditions
      .
      Informatica DiscoveryIQ is a product usage tool that sends routine reports on data usage and system statistics to Informatica. Informatica DiscoveryIQ uploads data to Informatica 15 minutes after you install and configure Informatica domain. Thereafter, the domain sends the data every 30 days. You can choose to disable usage statistics from the Administrator tool.
    2. Press
      1
      to install Informatica services.
    3. Press
      1
      to configure the Informatica domain to run on a network that does not use Kerberos authentication.
      Press
      2
      to configure the Informatica domain to run on a network with Kerberos authentication.
      The
      Installation Prerequisites
      section displays the installation requirements. Verify that all requirements are met before you continue the installation.
    If you are installing on AIX, perform the following steps:
    1. Press
      1
      to configure the Informatica domain to run on a network that does not use Kerberos authentication.
      Press
      2
      to configure the Informatica domain to run on a network with Kerberos authentication.
      The
      Installation Pre-Requisites
      section displays the installation requirements. Verify that all requirements are met before you continue the installation.
    2. Read the terms and conditions for Informatica installation and the product usage toolkit and select
      I agree to the terms and conditions
      .
      Informatica DiscoveryIQ is a product usage tool that sends routine reports on data usage and system statistics to Informatica. Informatica DiscoveryIQ uploads data to Informatica 15 minutes after you install and configure Informatica domain. Thereafter, the domain sends the data every 30 days. You can choose to disable usage statistics from the Administrator tool.
  9. Press
    Enter
    to continue.
  10. Type the path and file name of the Informatica license key and press
    Enter
    .
  11. Type the absolute path for the installation directory.
    The directory names in the path must not contain spaces or the following special characters: @|* $ # ! % ( ) { } [ ] , ; ' Default is /home/toolinst.
    Informatica recommends using alphanumeric characters in the installation directory path. If you use a special character such as á or €, unexpected results might occur at run time.
  12. Press
    Enter
    .
    If you enabled Kerberos network authentication, the
    Service Principal Level
    section appears.
    If you did not enable Kerberos network authentication, the
    Pre-Installation Summary
    section appears. Skip to step 15.
  13. On the
    Service Principal Level
    section, select the service principal level for the domain.
    All nodes in the domain must use the same service principal level. When you join a node to a domain, select the same service principal level used by the gateway node in the domain.
    The following table describes the levels that you can select:
    Level
    Description
    Process Level
    Configures the domain to use a unique service principal name (SPN) and keytab file for each node and each application service on a node.
    The number of SPNs and keytab files required for each node depends on the number of application service processes that run on the node. Use the process level option for domains that require a high level of security, such as productions domains.
    Node Level
    Configures the domain to share SPNs and keytab files on a node.
    This option requires one SPN and keytab file for the node and all application services that run on the node. It also requires a separate SPN and keytab file for all HTTP processes on the node.
    Use the node level option for domains that do not require a high level of security, such as test and development domains.
  14. On the
    Network Security - Kerberos Authentication
    section, enter the parameters required for Kerberos authentication.
    The following table describes the Kerberos authentication parameters that you must set:
    Property
    Description
    Domain name
    Name of the domain. The name must not exceed 128 characters and must be 7-bit ASCII only. The name cannot contain a space or any of the following characters: ` % * + ; " ? , < > \ /
    Node name
    Name of the Informatica node.
    Node host name
    Fully qualified host name or the IP address of the machine on which to create the node. The node host name cannot contain the underscore (_) character.
    Do not use
    localhost
    . The host name must explicitly identify the machine.
    Service realm name
    Name of the Kerberos realm to which the Informatica domain services belong. The realm name must be in uppercase.
    The service realm name and the user realm name must be the same.
    User realm name
    Name of the Kerberos realm to which the Informatica domain users belong. The realm name must be in uppercase.
    The service realm name and the user realm name must be the same.
    Keytab directory
    Directory where all keytab files for the Informatica domain are stored. The name of a keytab file in the Informatica domain must follow a format set by Informatica.
    Kerberos configuration file
    Path and file name of the Kerberos configuration file. Informatica requires the following name for the Kerberos configuration file:
    krb5.conf
  15. Review the installation information and press
    Enter
    to continue.
    The installer copies the Informatica files to the installation directory.
  16. Press
    2
    to join a domain.
    The installer creates a node on the machine where you install. You can specify the type of node to create and the domain to join.
  17. Specify whether the domain you want to join has the secure communication option enabled.
    Press 1 to join an unsecure domain or press 2 to join a secure domain.
  18. Select the type of node you want to create.
    The following table describes that types of nodes that you can create:
    Property
    Description
    Configure this node as a gateway
    Select whether to configure the node as a gateway or worker node.
    1 - Yes
    2 - No
    Select 1 to configure a gateway node or 2 to configure a worker node.
    If you configure the node as a gateway, you can enable a secure HTTPS connection to the Informatica Administrator.
  19. Specify the connection details to Informatica Administrator.
    1. Specify whether to set up a secure HTTPS connection to the Informatica Administrator.
      Option
      Description
      1 - Enable HTTPS for Informatica Administrator
      Set up a secure connection to Informatica Administrator.
      2 - Disable HTTPS
      Do not set up a secure connection to Informatica Administrator.
    2. If you enable HTTPS connection for the Informatica Administrator, enter the keystore file and port number to use to secure the connection.
      Option
      Description
      Port
      Port number for the HTTPS connection.
      Keystore file
      Select whether to use a keystore file generated by the installer or a keystore file you create. You can use a keystore file with a self-signed certificate or a certificate signed by a certification authority.
      1 - Use a keystore generated by the installer
      2 - Specify a keystore file and password
      If you select to use a keystore file generated by the installer, the installer creates a self-signed keystore file named Default.keystore in the following location:
      <Informatica installation directory>/tomcat/conf/
    3. If you specify the keystore, enter the password and location of the keystore file.
    If you enabled secure communication for the domain, the
    Domain Security - Secure Communication
    section appears. If you did not enable secure communication for the domain, the
    Domain Configuration
    section appears. Skip to step 27.
  20. Select whether to enable SAML authentication to configure Security Assertion Markup Language (SAML)-based single sign-on (SSO) support for web-based Informatica applications in an Informatica domain.
    The following table describes the information you must enter to enable SAML authentication:
    Prompt
    Description
    Enable SAML Authentication
    Select whether to enable SAML Authentication:
    1 - No
    2 - Yes
  21. Press
    Enter
    .
  22. Enter the Identity Provider URL for the domain.
  23. Enter the identity provider assertion signing certificate alias name.
  24. Select whether to use the default Informatica SSL certificates or to use your SSL certificates to enable secure communication in the domain.
    The following table describes the SSL certificate options for SAML authentication:
    Option
    Description
    Use the default Informatica SSL certificate file.
    Select to use the default Informatica truststore file for SAML authentication.
    Enter the location of the SSL certificate file.
    Select to use a custom truststore file for SAML authentication. Specify the directory containing the custom truststore file on gateway nodes within the domain. Specify the directory only, not the full path to the file.
  25. If you provide the security certificates, specify the location and passwords of the keystore and truststore files.
    The following table describes the location and password of the truststore file:
    Property
    Description
    Truststore Directory
    Specify the directory containing the custom truststore file on gateway nodes within the domain. Specify the directory only, not the full path to the file.
    Truststore Password
    The password for the custom truststore file.
  26. In the Domain Security - Secure Communication section, specify whether to use the default Informatica SSL certificates or to use your SSL certificates to secure domain communication.
    1. Select the type of SSL certificates to use.
      The following table describes the SSL certificate options for securing the Informatica domain:
      Option
      Description
      Use the default Informatica SSL certificate files
      Use the default SSL certificates provided by Informatica.
      If you do not provide an SSL certificate, Informatica uses the same default private key for all Informatica installations. If you use the default Informatica keystore and truststore files, the security of your domain could be compromised. To ensure a high level of security for the domain, select the option to specify the location of the SSL certificate files.
      Specify the location of the SSL certificate files
      Use SSL certificates that you provide. You must specify the location of the keystore and truststore files.
      You can provide a self-signed certificate or a certificate issued by a certificate authority (CA). You must provide SSL certificates in PEM format and in Java Keystore (JKS) files. Informatica requires specific names for the SSL certificate files for the Informatica domain. You must use the same SSL certificates for all nodes in the domain. Store the truststore and keystore files in a directory accessible to all the nodes in the domain and specify the same keystore file directory and truststore file directory for all nodes in the same domain.
    2. If you provide the SSL certificate, specify the location and passwords of the keystore and truststore files.
      The following table describes the parameters that you must enter for the SSL certificate files:
      Property
      Description
      Keystore file directory
      Directory that contains the keystore files. The directory must contain files named infa_keystore.jks and infa_keystore.pem.
      Keystore password
      Password for the keystore infa_keystore.jks.
      Truststore file directory
      Directory that contains the truststore files. The directory must contain files named infa_truststore.jks and infa_truststore.pem.
      Truststore password
      Password for the infa_truststore.jks file.
    The Domain Configuration Repository section appears.
  27. At the prompt, enter the information for the domain that you want to join.
    The following table describes the properties that you specify for the domain:
    Property
    Description
    Domain name
    Name of the domain to join.
    Gateway node host
    Host name of the machine that hosts the gateway node for the domain.
    Gateway node port
    Port number of the gateway node.
    Domain user name
    User name of the administrator for the domain you want to join.
    Domain password
    Password for the domain administrator.
    The Domain Security - Encryption Key section appears.
  28. Enter the encryption key information for the Informatica domain that you want to join.
    If the location of the encryption key in the gateway node is not accessible to the current node, copy the encryption key file to an accessible directory. You might need to assign read permission to the directory that contains the encryption key file on gateway node before you can copy the file. For more information about the permissions for the encryption key file and directory, see Secure Files and Directories.
    The following table describes the encryption key parameters that you must specify when you join a domain:
    Property
    Description
    Select the encryption key
    Path and file name of the encryption key for the Informatica domain that you want to join. All nodes in the Informatica domain use the same encryption key. You must specify the encryption key file created on the gateway node for the domain that you want to join.
    If you copied the encryption key file to a temporary directory to make it accessible to the nodes in the domain, specify the path and file name of the encryption key file in the temporary directory.
    Encryption key directory
    Directory in which to store the encryption key on the node created during this installation. The installer copies the encryption key file for the domain to the encryption key directory on the new node. By default, the encryption key is created in the following directory:
    <Informatica installation directory>/isp/config/keys
    .
  29. On the Join Domain Node Configuration section, enter the information for the node you want to create.
    The following table describes the properties that you set for the node:
    Property
    Description
    Node Host name
    Host name for the node. The node host name cannot contain the underscore (_) character.
    Do not use localhost. The host name must explicitly identify the machine.
    Node name
    Name of the Informatica node to create on this machine. The node name is not the host name for the machine.
    Node port number
    Port number for the node.
    Database truststore file
    Path and file name of the truststore file for the secure database. Select the same database truststore file used by the master gateway node in the domain.
    Required if you join a gateway node to a domain that uses a secure domain configuration repository database.
    Truststore password
    Password for the database truststore file for the secure database.
    Required if you join a gateway node to a domain that uses a secure domain configuration repository database.
  30. Select whether to display the default ports for the domain and node components assigned by the installer.
    The following table describes the advanced port configuration page:
    Prompt
    Description
    Display advanced port configuration page
    Select whether to display the port numbers for the domain and node components assigned by the installer:
    1 - No
    2 - Yes
    If you select Yes, the installer displays the default port numbers assigned to the domain components. You can specify the port numbers to use for the domain and node components. You can also specify a range of port numbers to use for the service process that will run on the node. You can use the default port numbers or specify new port numbers. Verify that the port numbers you enter are not used by other applications.
  31. If you display the port configuration page, enter new port numbers at the prompt or press
    Enter
    to use the default port numbers.
    The following table describes the ports that you can set:
    Port
    Description
    Service Manager port
    Port number used by the Service Manager on the node. The Service Manager listens for incoming connection requests on this port. Client applications use this port to communicate with the services in the domain. The Informatica command line programs use this port to communicate to the domain. This is also the port for the SQL data service JDBC/ODBC driver. Default is 6006.
    Service Manager Shutdown port
    Port number that controls server shutdown for the domain Service Manager. The Service Manager listens for shutdown commands on this port. Default is 6007.
    Informatica Administrator port
    Port number used by Informatica Administrator. Default is 6008.
    Informatica Administrator HTTPS port
    No default port. Enter the required port number when you create the service. Setting this port to 0 disables an HTTPS connection to the Administrator tool.
    Informatica Administrator shutdown port
    Port number that controls server shutdown for Informatica Administrator. Informatica Administrator listens for shutdown commands on this port. Default is 6009.
    Minimum port number
    Lowest port number in the range of dynamic port numbers that can be assigned to the application service processes that run on this node. Default is 6014.
    Maximum port number
    Highest port number in the range of dynamic port numbers that can be assigned to the application service processes that run on this node. Default is 6114.
The Post-installation Summary indicates whether the installation completed successfully. It also shows the status of the installed components and their configuration. You can view the installation log files to get more information about the tasks performed by the installer and to view configuration properties for the installed components.
By default, the system services are disabled after the installation. You must enable them from the Administrator tool.