Table of Contents

Search

  1. About the Security Guide
  2. Introduction to Informatica Security
  3. User Authentication
  4. LDAP Security Domains
  5. Kerberos Authentication Setup
  6. Domain Security
  7. Security Management in Informatica Administrator
  8. Users and Groups
  9. Privileges and Roles
  10. Permissions
  11. Audit Reports
  12. Command Line Privileges and Permissions
  13. Custom Roles

After You Configure Kerberos Authentication

After You Configure Kerberos Authentication

If the service principal level for the domain is at process level, the domain requires an SPN and keytab file for every service that you create in the domain. Before you enable a service, verify that an SPN and keytab file is available for the service. Kerberos cannot authenticate the application service if the service does not have a keytab file in the Informatica directory.
If SPNs and keytab files are not available for the application services you plan to create on the domain, you must create the SPN and keytab file before you enable the service. You can use the Informatica Kerberos SPN Format Generator to generate the format of the SPN and keytab file name for the service. To save time, decide on the names of the services you want to create and the nodes on which they will run. Then run the utility to generate the SPN and keytab file name format for all the services at one time.
For more information about running the Informatica Kerberos SPN Format Generator, see Step 3. Generate the Principal Name and Keytab Format
Send a request to the Kerberos administrator to add the SPNs to the principal database and to create the corresponding keytab file.
When you receive the keytab files from the Kerberos administrator, copy the files to the directory specified for the keytab file. By default, keytab files are stored in the following directory:
<INFA_HOME>/isp/config/keys
If the service principal for the domain is at node level, you can create and enable application services without creating additional SPNs and keytab files.


Updated April 29, 2019