Table of Contents

Search

  1. About the Security Guide
  2. Introduction to Informatica Security
  3. User Authentication
  4. LDAP Security Domains
  5. Kerberos Authentication Setup
  6. Domain Security
  7. Security Management in Informatica Administrator
  8. Users and Groups
  9. Privileges and Roles
  10. Permissions
  11. Audit Reports
  12. Command Line Privileges and Permissions
  13. Custom Roles

Authentication

Authentication

The Service Manager authenticates the services that run in the domain and the users who log in to the Informatica client tools.
You can configure the Informatica domain to use the following types of authentication:
Native Authentication
Native authentication is a mode of authentication available only for user accounts in the Informatica domain. When the Informatica domain uses native authentication, the Service Manager stores user credentials and privileges in the domain configuration repository and performs all user authentication within the Informatica domain.
If the Informatica domain uses native authentication, by default, the domain has a Native security domain and all user accounts belong to the Native security domain.
Informatica uses user name and passwords to authenticate users and services in the Informatica domain.
Lightweight Directory Access Protocol (LDAP) Authentication
LDAP is a software protocol for accessing users and resources on a network. If the Informatica domain uses LDAP authentication, the user accounts and credentials are stored in the LDAP directory service. The user privileges and permissions are stored in the domain configuration repository. You must periodically synchronize the user accounts in the domain configuration repository with the user accounts in the LDAP directory service.
Informatica uses user name and passwords to authenticate informatica users and services in the Informatica domain.
Kerberos Authentication
Kerberos is a network authentication protocol which uses tickets to authenticate users and services in a network. When the Informatica domain uses Kerberos authentication, the user accounts and credentials are stored in the Kerberos principal database, which can be an LDAP directory service. The user privileges and permissions are stored in the domain configuration repository. You must periodically synchronize the user accounts in the domain configuration repository with the user accounts in the Kerberos principal database.
Informatica uses the Kerberos tickets to authenticate Informatica users and services in the Informatica domain.


Updated April 29, 2019