Table of Contents

Search

  1. About the Security Guide
  2. Introduction to Informatica Security
  3. User Authentication
  4. LDAP Security Domains
  5. Kerberos Authentication Setup
  6. Domain Security
  7. Security Management in Informatica Administrator
  8. Users and Groups
  9. Privileges and Roles
  10. Permissions
  11. Audit Reports
  12. Command Line Privileges and Permissions
  13. Custom Roles

Service Principal Requirements at Node Level

Service Principal Requirements at Node Level

If the Informatica domain does not require a high level of security, the node and service processes can share the same SPNs and keytab files. The domain does not require a separate SPN for each service process in a node.
The Informatica domain requires SPNs and keytab files for the following components at node level:
Principal distinguished name (DN) for the LDAP directory service
Principal name for the bind user DN that is used to search the LDAP directory service. The name of the keytab file must be
infa_ldapuser.keytab
.
Node process
Principal name for the Informatica node that initiates or accepts authentication calls. The same principal name is used to authenticate the services in the node. Each gateway node in the domain requires a separate principal name.
HTTP processes in the domain
Principal name for all web application services in the Informatica domain, including Informatica Administrator. The browser uses this principal name to authenticate with all HTTP processes in the domain. The name of the keytab file must be
webapp_http.keytab
.


Updated April 29, 2019