An operating system profile is a type of security that the Data Integration Service uses to run mappings, workflows, and profiling jobs. Use operating system profiles to increase security and to isolate the run-time environment for users.
If the Data Integration Service runs on UNIX or Linux, create operating system profiles and configure the Data Integration Service to use operating system profiles.
By default, the Data Integration Service process runs all jobs, mappings, and workflows using the permissions of the operating system user that starts Informatica Services. The Data Integration Service writes output files to a single shared location specified in the Data Integration Service execution options.
When you configure the Data Integration Service to use operating system profiles, the Data Integration Service process runs jobs with the permission of the operating system user you define in the operating system profile. The operating system profile contains the operating system user name, service process variables, Hadoop impersonation properties, the Analyst Service properties, environment variables, and permissions. The operating system user must have access to the directories you configure in the profile and the directories the Data Integration Service accesses at run time.
If the Analyst Service and the Data Integration Service run on different nodes, the operating system profiles must be configured for both nodes.
Before you run a mapping with a Lookup transformation, Sqoop source, or Sqoop target in the Hadoop run-time environment, verify that the operating system user has read, write, and execute permissions on the following directory:
<Informatica installation directory>/tomcat/temp/<Data Integration Service name>/temp
Operating System Profile Example
An I.T. organization has some developers that work with sensitive data from Human Resources. The organization needs to restrict other developers in the organization from accessing any HR file or directory that the HR developers own.
The organization enables operating system profiles to limit access to data. Each developer group has an operating system profile. The developers in the HR operating system profile can read and write data in the restricted directories on the UNIX machine.