LDAP Security Domains Overview
An LDAP security domain contains a set of users and groups that are imported from an LDAP directory service. You must create an LDAP security domain if you use LDAP user authentication or Kerberos network authentication.
Configure the LDAP security domains to store the list of users from an LDAP directory service that you want to allow access to the Informatica domain and client applications. The LDAP security domain does not store user account credentials. When a user logs in to an Informatica client, the Service Manager verifies that the user account is in a security domain. If the user account belongs to an LDAP security domain, the Service Manager authenticates the user with the LDAP directory service.
When you install Informatica services and you do not enable Kerberos authentication, the Informatica installer creates the native security domain by default. After installation, you can add users and groups to the native security domain. If you have users in an LDAP directory service that you want to give access to Informatica client applications, you can set up LDAP security domains in addition to the native security domain. Configure a connection to the LDAP server and import the users and groups into the LDAP security domains.
When you install Informatica services and enable Kerberos authentication, the Informatica installer creates an LDAP security domain with the name of the Kerberos realm that you specify during installation. After installation, you can configure a connection to the LDAP server and import users and groups from the LDAP directory service into the LDAP security domain. If you use Kerberos authentication, you cannot use the Native security domain.