Security Guide

Step 4. Configure Active Directory Federation Services

Configure AD FS to issue SAML tokens to Informatica web applications.
Use the AD FS Management Console to perform the following tasks:
  • Add Informatica as a relying party trust in AD FS. The relying party trust definition enables AD FS to accept authentication requests from Informatica web applications.
  • Edit the Send LDAP Attributes as Claims rule to map LDAP attributes in your identity store to the corresponding types used in SAML tokens issued by AD FS.
All strings are case sensitive in AD FS, including URLs.
  1. Log in to the AD FS Management Console.
  2. Expand the Trust Relationships > Relying Party Trusts folder.
  3. Right-click the Relying Party Trusts folder, and then select Add Relying Party Trust.
    The Add Relying Party Trust Wizard appears.
  4. Click Start.
    The Select Data Source panel appears.
  5. Click Enter data about the relying party manually.
  6. Click Next.
  7. Enter "Informatica" as the display name, and then click Next.
  8. Click AD FS 2.0 profile.
  9. Click Next.
    Skip the certificate configuration panel in the wizard.
  10. Check Enable support for the SAML WebSSO protocol, and then enter the complete URL for the Administrator tool.
  11. Click Next.
  12. Enter "Informatica" in the Relying party trust identifier field. Click Add, and then click Next.
  13. Select Permit all users to access the relying party.
  14. Click Next.
  15. Check Open the Edit Claim Rules dialog for this relying party trust when the wizard closes.
  16. Click Close.
    The Edit Claim Rules for Informatica dialog box appears.
  17. Click Add Rule.
    The Add Transform Claim Rule Wizard opens.
  18. Select Send LDAP Attributes as Claims from the menu.
  19. Click Next.
  20. Enter any string as the claim rule name.
  21. Select Active Directory from the Attribute store menu.
  22. Select SAM-Account-Name from the LDAP Mapping menu.
  23. Enter "username" in the Outgoing Claim Type field.
  24. Click Finish, then click OK to close the wizard.
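
The same relying party trust can be created and read back from PowerShell, which leaves a reviewable record of the case-sensitive values. This is an added example, not part of the Informatica guide: the Administrator tool URL is a placeholder, the rule name "Informatica username" is an arbitrary choice, and it assumes an AD FS version that still accepts issuance authorization rules and provides the AD FS cmdlets shown.

```powershell
# Added example, not from the Informatica guide. Run on the AD FS server as an administrator.
# AD FS 2.0 needs the snap-in loaded; later versions load the ADFS module automatically.
Add-PSSnapin Microsoft.Adfs.PowerShell -ErrorAction SilentlyContinue

# Placeholder: the complete Administrator tool URL from step 10 (case sensitive).
$adminToolUrl = 'https://<administrator-tool-host>:<port>/<path>'
$rpName       = 'Informatica'   # display name, step 7
$rpIdentifier = 'Informatica'   # relying party trust identifier, step 12

# Step 10: SAML WebSSO support is a SAML assertion consumer endpoint with POST binding.
$endpoint = New-ADFSSamlEndpoint -Binding 'POST' -Protocol 'SAMLAssertionConsumer' -Uri $adminToolUrl

# Step 13: "Permit all users" written as an issuance authorization rule.
$authzRule = '=> issue(Type = "http://schemas.microsoft.com/authorization/claims/permit", Value = "true");'

# Steps 18-23: Send LDAP Attributes as Claims, SAM-Account-Name -> "username".
$transformRule = @'
@RuleTemplate = "LdapClaims"
@RuleName = "Informatica username"
c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
 => issue(store = "Active Directory", types = ("username"), query = ";sAMAccountName;{0}", param = c.Value);
'@

$trust = @{
    Name                       = $rpName
    Identifier                 = $rpIdentifier
    SamlEndpoint               = $endpoint
    IssuanceAuthorizationRules = $authzRule
    IssuanceTransformRules     = $transformRule
}
Add-ADFSRelyingPartyTrust @trust

# Read the trust back and compare case-sensitively, since AD FS treats
# "Informatica" and "informatica" (and differently cased URLs) as different strings.
$rp        = Get-ADFSRelyingPartyTrust -Name $rpName
$locations = @($rp.SamlEndpoints | ForEach-Object { "$($_.Location)" })

New-Object PSObject -Property @{
    IdentifierExact    = (@($rp.Identifier) -ccontains $rpIdentifier)
    EndpointUrlExact   = ($locations -ccontains $adminToolUrl)
    UsernameClaimExact = $rp.IssuanceTransformRules.Contains('types = ("username")')
    Enabled            = $rp.Enabled
} | Format-List
```

Any value reported as False is worth checking against the Informatica-side configuration before testing a login, because a case mismatch in the identifier, URL or claim type is enough for the trust not to match.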

Updated May 17, 2019