Table of Contents

Search

  1. About the Security Guide
  2. Introduction to Informatica Security
  3. User Authentication
  4. LDAP Security Domains
  5. Kerberos Authentication Setup
  6. Domain Security
  7. Security Management in Informatica Administrator
  8. Users and Groups
  9. Privileges and Roles
  10. Permissions
  11. Audit Reports
  12. Command Line Privileges and Permissions
  13. Custom Roles

Service Principal Requirements at Process Level

Service Principal Requirements at Process Level

If the Informatica domain requires a high level of security, create a separate SPN and keytab file for each node and each service in the node.
The Informatica domain requires SPNs and keytab files for the following components at process level:
Principal distinguished name (DN) for the LDAP directory service
Principal name for the bind user DN that is used to search the LDAP directory service. The name of the keytab file must be
infa_ldapuser.keytab
.
Node process
Principal name for the Informatica node that initiates or accepts authentication calls.
Informatica Administrator service
Principal name for the Informatica Administrator service that authenticates the service with other services in the Informatica domain. The name of the keytab file must be
_AdminConsole.keytab
.
HTTP processes in the domain
Principal name for all web application services in the Informatica domain, including Informatica Administrator. The browser uses this principal name to authenticate with all HTTP processes in the domain. The name of the keytab file must be
webapp_http.keytab
.
Service process
Principal name for the application service that runs on a node in the Informatica domain. Each application service requires a unique service principal and keytab file name.


Updated April 29, 2019