Table of Contents

Search

  1. About the Security Guide
  2. Introduction to Informatica Security
  3. User Authentication
  4. LDAP Security Domains
  5. Kerberos Authentication
  6. Domain Security
  7. Single Sign-on for Informatica Web Applications
  8. Security Management in Informatica Administrator
  9. Users and Groups
  10. Privileges and Roles
  11. Permissions
  12. Audit Reports
  13. Command Line Privileges and Permissions
  14. Custom Roles
  15. Default List of Cipher Suites

Step 3. Create Kerberos Principal Accounts in Active Directory

Step 3. Create Kerberos Principal Accounts in Active Directory

Create LDAP user accounts for the Kerberos principals in Active Directory. A Kerberos principal is a process, service, or user within the Kerberos realm.
If you set the default_tkt_enctypes property in the krb5.conf configuration file to the 128-bit or 256-bit AES encryption types, configure each account to use the corresponding encryption type in Active Directory.
The following image shows the AES 128-bit encryption option selected in the account properties dialog box for the nodeuser01 user account in Active Directory:
The Kerberos AES 128-bit encryption option is selected in the account properties dialog box for the nodeuser01 user account in Active Directory.
The accounts that you create depend on whether you enable Kerberos at the node level or at the process level.


Updated October 10, 2019