Table of Contents

  1. About the Security Guide
  2. Introduction to Informatica Security
  3. User Authentication
  4. LDAP Security Domains
  5. Kerberos Authentication
  6. Domain Security
  7. SAML Authentication for Informatica Web Applications
  8. Security Management in Informatica Administrator
  9. Users and Groups
  10. Privileges and Roles
  11. Permissions
  12. Audit Reports
  13. Command Line Privileges and Permissions
  14. Custom Roles
  15. Default List of Cipher Suites

Security Guide

Security Guide

pmrep Commands

pmrep Commands

Users must have the Access Repository Manager privilege to run all pmrep commands except for the following commands:
  • Run
  • Create
  • Restore
  • Upgrade
  • Version
  • Help
To run pmrep commands, users must have one of the listed sets of domain privileges, PowerCenter Repository Service privileges, domain object permissions, and PowerCenter repository object permissions.
Users must be the object owner or have the Administrator role for the PowerCenter Repository Service to run the following commands:
  • AssignPermission
  • ChangeOwner
  • CreateQuery
  • DeleteConnection
  • DeleteDeploymentGroup
  • DeleteFolder
  • DeleteLabel
  • DeleteQuery
  • ModifyFolder (to change owner, configure permissions, designate the folder as shared, or edit the folder name or description)
The following table lists the required privileges and permissions for pmrep commands:
pmrep Command
Privilege Group
Privilege Name
Permission
AddToDeploymentGroup
Global Objects
Manage Deployment Groups
Read on original folder
Read and Write on deployment group
ApplyLabel
-
-
Read on folder
Read and Execute on label
AssignPermission
-
-
-
BackUp
Domain Administration
Manage Services
Permission on PowerCenter Repository Service
ChangeOwner
-
-
-
CheckIn (for your own checkouts)
Design Objects
Create, Edit, and Delete
Read and Write on folder
CheckIn (for your own checkouts)
Sources and Targets
Create, Edit, and Delete
Read and Write on folder
CheckIn (for your own checkouts)
Run-time Objects
Create, Edit, and Delete
Read and Write on folder
CheckIn (for others’ checkouts)
Design Objects
Manage Versions
Read and Write on folder
CheckIn (for others’ checkouts)
Sources and Targets
Manage Versions
Read and Write on folder
CheckIn (for others’ checkouts)
Run-time Objects
Manage Versions
Read and Write on folder
CleanUp
-
-
-
ClearDeploymentGroup
Global Objects
Manage Deployment Groups
Read and Write on deployment group
Connect
-
-
-
Create
Domain Administration
Manage Services
Permission on PowerCenter Repository Service
CreateConnection
Global Objects
Create Connections
-
CreateDeploymentGroup
Global Objects
Manage Deployment Groups
-
CreateFolder
Folders
Create
-
CreateLabel
Global Objects
Create Labels
-
CreateQuery
Global Objects
Create Queries
-
Delete
Domain Administration
Manage Services
Permission on PowerCenter Repository Service
DeleteConnection
-
-
-
DeleteDeploymentGroup
-
-
-
DeleteFolder
-
-
-
DeleteLabel
-
-
-
DeleteObject
Design Objects
Create, Edit, and Delete
Read and Write on folder
DeleteObject
Sources and Targets
Create, Edit, and Delete
Read and Write on folder
DeleteObject
Run-time Objects
Create, Edit, and Delete
Read and Write on folder
DeleteQuery
-
-
-
DeployDeploymentGroup
Global Objects
Manage Deployment Groups
Read on original folder
Read and Write on destination folder
Read and Execute on deployment group
DeployFolder
Folders
Copy on original repository
Create on destination repository
Read on folder
ExecuteQuery
-
-
Read and Execute on query
Exit
-
-
-
FindCheckout
-
-
Read on folder
GetConnectionDetails
-
-
Read on connection object
Help
-
-
-
KillUserConnection
Domain Administration
Manage Services
Permission on PowerCenter Repository Service
ListConnections
-
-
Read on connection object
ListObjectDependencies
-
-
Read on folder
ListObjects
-
-
Read on folder
ListTablesBySess
-
-
Read on folder
ListUserConnections
Domain Administration
Manage Services
Permission on PowerCenter Repository Service
ModifyFolder (to change owner, configure permissions, designate the folder as shared, or edit the folder name or description)
-
-
-
ModifyFolder (to change status)
Folders
Manage Versions
Read and Write on folder
Notify
Domain Administration
Manage Services
Permission on PowerCenter Repository Service
ObjectExport
-
-
Read on folder
ObjectImport
Design Objects
Create, Edit, and Delete
Read and Write on folder
ObjectImport
Sources and Targets
Create, Edit, and Delete
Read and Write on folder
ObjectImport
Run-time Objects
Create, Edit, and Delete
Read and Write on folder
PurgeVersion
Design Objects
Manage Versions
Read and Write on folder
Read, Write, and Execute on query if you specify a query name
PurgeVersion
Sources and Targets
Manage Versions
Read and Write on folder
Read, Write, and Execute on query if you specify a query name
PurgeVersion
Run-time Objects
Manage Versions
Read and Write on folder
Read, Write, and Execute on query if you specify a query name
PurgeVersion (to purge objects at the folder level)
Folders
Manage Versions
Read and Write on folder
PurgeVersion (to purge objects at the repository level)
Domain Administration
Manage Services
Permission on PowerCenter Repository Service
Register
Domain Administration
Manage Services
Permission on PowerCenter Repository Service
RegisterPlugin
Domain Administration
Manage Services
Permission on PowerCenter Repository Service
Restore
Domain Administration
Manage Services
Permission on PowerCenter Repository Service
RollbackDeployment
Global Objects
Manage Deployment Groups
Read and Write on destination folder
Run
-
-
-
ShowConnectionInfo
-
-
-
SwitchConnection
Run-time Objects
Create, Edit, and Delete
Read and Write on folder
Read on connection object
TruncateLog
Run-time Objects
Manage Execution
Read and Execute on folder
UndoCheckout (for your own checkouts)
Design Objects
Create, Edit, and Delete
Read and Write on folder
UndoCheckout (for your own checkouts)
Sources and Targets
Create, Edit, and Delete
Read and Write on folder
UndoCheckout (for your own checkouts)
Run-time Objects
Create, Edit, and Delete
Read and Write on folder
UndoCheckout (for others’ checkouts)
Design Objects
Manage Versions
Read and Write on folder
UndoCheckout (for others’ checkouts)
Sources and Targets
Manage Versions
Read and Write on folder
UndoCheckout (for others’ checkouts)
Run-time Objects
Manage Versions
Read and Write on folder
Unregister
Domain Administration
Manage Services
Permission on PowerCenter Repository Service
UnregisterPlugin
Domain Administration
Manage Services
Permission on PowerCenter Repository Service
UpdateConnection
-
-
Read and Write on connection object
UpdateEmailAddr
Run-time Objects
Create, Edit, and Delete
Read and Write on folder
UpdateSeqGenVals
Design Objects
Create, Edit, and Delete
Read and Write on folder
UpdateSrcPrefix
Run-time Objects
Create, Edit, and Delete
Read and Write on folder
UpdateStatistics
Domain Administration
Manage Services
Permission on PowerCenter Repository Service
UpdateTargPrefix
Run-time Objects
Create, Edit, and Delete
Read and Write on folder
Upgrade
Domain Administration
Manage Services
Permission on PowerCenter Repository Service
Validate
Design Objects
Create, Edit, and Delete
Read and Write on folder
Validate
Run-time Objects
Create, Edit, and Delete
Read and Write on folder
Version
-
-
-

Updated July 24, 2019


Explore Informatica Network