Accounts Required at Node Level
Create the LDAP user accounts required to enable Kerberos authentication at the node level in Active Directory.
Create the following Kerberos principal accounts in Active Directory if you enable Kerberos at the node level:
- Node processes
- Create an account for each node that runs in the domain.
- HTTP process
- Create an account for the Informatica web applications that run on a node in the domain. Web applications that run on a node might include the Administrator tool, Informatica Analyst, and Catalog Administrator. Create a single account that is shared by all of the web applications that run on the node.
- Bind User Distinguished Name (DN)
- Create an LDAP bind user account that you use to synchronize the LDAP security domain that contains Kerberos user accounts with Active Directory.