Table of Contents

Search

  1. About the Security Guide
  2. Introduction to Informatica Security
  3. User Authentication
  4. LDAP Security Domains
  5. Kerberos Authentication Setup
  6. Domain Security
  7. Security Management in Informatica Administrator
  8. Users and Groups
  9. Privileges and Roles
  10. Permissions
  11. Audit Reports
  12. Command Line Privileges and Permissions
  13. Custom Roles

Authorization

Authorization

The Service Manager authorizes user requests for domain objects. Requests can come from the Administrator tool. The following application services authorize user requests for other objects:
  • Data Integration Service
  • Metadata Manager Service
  • Model Repository Service
  • PowerCenter Repository Service
  • Reporting Service
The Service Manager authorizes user requests for domain objects. Requests can come from the Administrator tool. The following application services authorize user requests for other objects:
  • Data Integration Service
  • Model Repository Service
When you create native users and groups or import LDAP users and groups, the Service Manager stores the information in the domain configuration database into the following repositories:
  • Data Analyzer repository
  • Model repository
  • PowerCenter repository
  • PowerCenter repository for Metadata Manager
The Service Manager synchronizes the user and group information between the repositories and the domain configuration database when the following events occur:
  • You restart the Metadata Manager Service, Model Repository Service, PowerCenter Repository Service, or Reporting Service.
  • You add or remove native users or groups.
  • The Service Manager synchronizes the list of LDAP users and groups in the domain configuration database with the list of users and groups in the LDAP directory service.
The Service Manager synchronizes the user and group information between the repositories and the domain configuration database when the following events occur:
  • You restart the Model Repository Service.
  • You add or remove native users or groups.
When you assign permissions to users and groups in an application client, the application service stores the permission assignments with the user and group information in the appropriate repository.
When you request an object in an application client, the appropriate application service authorizes your request. For example, if you try to edit a project in Informatica Developer, the Model Repository Service authorizes your request based on your privilege, role, and permission assignments.


Updated April 29, 2019