You create and manage LDAP users and groups in the LDAP directory service. Set up a connection to the LDAP server and use search filters to specify the users and groups that can have access to the Informatica domain. Then import the user accounts into LDAP security domains. If the LDAP server uses the SSL protocol, you must also specify the location of the SSL certificate.
You can import users from the following LDAP directory services:
Microsoft Active Directory Service
If you use Kerberos authentication, you can import users only from a Microsoft Active Directory (AD) directory service.
Sun Java System Directory Service
Novell e-Directory Service
IBM Tivoli Directory Service
Open LDAP Directory Service
After you import users into an LDAP security domain, you can assign roles, privileges, and permissions to the users. You can assign LDAP user accounts to native groups to organize them based on their roles in the Informatica domain. You cannot use the Administrator tool to create, edit, or delete users and groups in an LDAP security domain.
Use the LDAP Configuration dialog box to set up the connection to the LDAP directory service and create the LDAP security domain. You can also use the LDAP Configuration dialog box to set up a synchronization schedule.
To set up the LDAP security domain, perform the following steps:
Set up the connection to the LDAP directory service.
Configure a security domain.
Schedule the synchronization times.