Table of Contents

Search

  1. About the Security Guide
  2. Introduction to Informatica Security
  3. User Authentication
  4. LDAP Security Domains
  5. Kerberos Authentication Setup
  6. Domain Security
  7. Security Management in Informatica Administrator
  8. Users and Groups
  9. Privileges and Roles
  10. Permissions
  11. Audit Reports
  12. Command Line Privileges and Permissions
  13. Custom Roles

Setting Up an LDAP Security Domain

Setting Up an LDAP Security Domain

You can create an LDAP security domain for user accounts that you import from an LDAP directory service. To organize different groups of users, you can create multiple LDAP security domains.
You create and manage LDAP users and groups in the LDAP directory service. Set up a connection to the LDAP server and use search filters to specify the users and groups that can have access to the Informatica domain. Then import the user accounts into LDAP security domains. If the LDAP server uses the SSL protocol, you must also specify the location of the SSL certificate.
You can import users from the following LDAP directory services:
  • Microsoft Active Directory Service
    If you use Kerberos authentication, you can import users only from a Microsoft Active Directory (AD) directory service.
  • Sun Java System Directory Service
  • Novell e-Directory Service
  • IBM Tivoli Directory Service
  • Open LDAP Directory Service
After you import users into an LDAP security domain, you can assign roles, privileges, and permissions to the users. You can assign LDAP user accounts to native groups to organize them based on their roles in the Informatica domain. You cannot use the Administrator tool to create, edit, or delete users and groups in an LDAP security domain.
Use the LDAP Configuration dialog box to set up the connection to the LDAP directory service and create the LDAP security domain. You can also use the LDAP Configuration dialog box to set up a synchronization schedule.
To set up the LDAP security domain, perform the following steps:
  1. Set up the connection to the LDAP directory service.
  2. Configure a security domain.
  3. Schedule the synchronization times.


Updated April 29, 2019