Table of Contents


  1. About the Security Guide
  2. Introduction to Informatica Security
  3. User Authentication
  4. LDAP Security Domains
  5. Kerberos Authentication
  6. Domain Security
  7. SAML Authentication for Informatica Web Applications
  8. Security Management in Informatica Administrator
  9. Users and Groups
  10. Privileges and Roles
  11. Permissions
  12. Audit Reports
  13. Command Line Privileges and Permissions
  14. Custom Roles
  15. Default List of Cipher Suites

Setting Up an LDAP Security Domain

Setting Up an LDAP Security Domain

You can create an LDAP security domain for user accounts that you import from an LDAP directory service. To organize different groups of users, you can create multiple LDAP security domains.
You create and manage LDAP users and groups in the LDAP directory service. Set up a connection to the LDAP server and use search filters to specify the users and groups that can have access to the Informatica domain. Then import the user accounts into LDAP security domains. If the LDAP server uses the SSL protocol, you must also specify the location of the SSL certificate.
You can import users from the following LDAP directory services:
  • IBM Tivoli Directory Server
  • Microsoft Active Directory
    If you use Kerberos authentication, you can only import users from Microsoft Active Directory.
  • Novell eDirectory
  • OpenLDAP
  • Sun Java System Directory Server
After you import users into an LDAP security domain, you can assign roles, privileges, and permissions to the users. You can assign LDAP user accounts to native groups to organize them based on their roles in the Informatica domain.
You cannot use the Administrator tool to create, edit, or delete users and groups in an LDAP security domain. You must make changes to LDAP users and groups in the LDAP directory service, then synchronize the LDAP security domain with the LDAP directory service.
Use the LDAP Configuration dialog box to set up the connection to the LDAP directory service and create the LDAP security domain. You can also use the LDAP Configuration dialog box to set up a synchronization schedule.
To set up the LDAP security domain, perform the following steps:
  1. Set up the connection to the LDAP directory service.
  2. Configure a security domain.
  3. Schedule the synchronization times.

Updated October 10, 2019