Table of Contents

Search

  1. About the Security Guide
  2. Introduction to Informatica Security
  3. User Authentication
  4. LDAP Security Domains
  5. Kerberos Authentication Setup
  6. Domain Security
  7. Security Management in Informatica Administrator
  8. Users and Groups
  9. Privileges and Roles
  10. Permissions
  11. Audit Reports
  12. Command Line Privileges and Permissions
  13. Custom Roles

Step 2. Migrate Native User Privileges and Permissions to an LDAP Security Domain

Step 2. Migrate Native User Privileges and Permissions to an LDAP Security Domain

After you configure the domain to use Kerberos authentication, you cannot modify user accounts in the native security domain. Migrate the native user groups, roles, privileges, and permissions to an LDAP security domain before you configure Kerberos authentication
If the domain has user accounts in the native security domain, the corresponding user accounts in the LDAP security domain must have the same groups, roles, privileges, and permissions. Migrate the groups, roles, privileges, and permissions of the native users to the Active Directory users in the LDAP security domain. Then, verify that the groups, roles, privileges, and permissions migrated correctly.
If the domain does not have user accounts in the native security domain, you can continue to Step 3. Set Up the Kerberos Configuration File.
To migrate the groups, roles, privileges, and permissions of native users to the users in the LDAP security domain, perform the following steps:
  1. Verify the user accounts for Kerberos Authentication.
  2. Create the user migration file.
  3. Run the infacmd isp migrateusers command.
  4. Verify the groups, roles, privileges, and permissions for the user accounts.
To avoid problems when you migrate user groups roles, privileges, and permissions, do not run workflows or modify user groups, roles, privileges, or permissions during the migration process.


Updated April 29, 2019