Table of Contents


  1. About the Security Guide
  2. Introduction to Informatica Security
  3. User Authentication
  4. LDAP Security Domains
  5. Kerberos Authentication Setup
  6. Domain Security
  7. Security Management in Informatica Administrator
  8. Users and Groups
  9. Privileges and Roles
  10. Permissions
  11. Audit Reports
  12. Command Line Privileges and Permissions
  13. Custom Roles

Kerberos Authentication Setup

Kerberos Authentication Setup

When you create the Informatica domain during installation, you can select the option to enable Kerberos authentication. If you do not enable Kerberos authentication during installation, you can use the Informatica command line programs to configure the domain to use Kerberos authentication.
To configure Kerberos authentication for the Informatica domain on the command line, perform the following steps:
  1. Create an LDAP User Domain with Users from Microsoft Active Directory.
  2. Migrate native users to an LDAP security domain.
  3. Set up the Kerberos configuration and copy the configuration file to the Informatica directory.
  4. Generate the SPN and keytab file name in the format required by the Informatica domain.
  5. Review the SPN and keytab file format text file.
  6. Create the SPNs and keytab files.
  7. Configure Kerberos authentication for the Informatica domain.
  8. Update the nodes in the Informatica domain.
  9. Update the client machines.
  10. Start the Informatica domain and run the Administrator tool.
After you configure Kerberos authentication and the LDAP security domains, verify that the user accounts have the correct privileges and permissions. Verify that the services in the domain perform as expected and the users can log in with single sign-on.
The steps provided are based on the assumption that you installed the Informatica services without enabling Kerberos authentication. If you enable Kerberos authentication during installation, follow the steps in the Informatica installation guides.

Updated April 29, 2019