Table of Contents


  1. About the Security Guide
  2. Introduction to Informatica Security
  3. User Authentication
  4. LDAP Security Domains
  5. Kerberos Authentication
  6. Domain Security
  7. SAML Authentication for Informatica Web Applications
  8. Security Management in Informatica Administrator
  9. Users and Groups
  10. Privileges and Roles
  11. Permissions
  12. Audit Reports
  13. Command Line Privileges and Permissions
  14. Custom Roles
  15. Default List of Cipher Suites

infasetup DefineDomain Command Options

infasetup DefineDomain Command Options

Use the infasetup defineDomain command to enable SAML authentication when you create a domain.
The following example shows the SAML options as the final six options at the command prompt:
infasetup defineDomain -cs "jdbc:informatica:oracle://host:1521;sid=xxxx" -dt oracle -dn TestDomain -ad test_admin -pd test_admin -ld $HOME/ISP/1011/source/logs -nn TestNode1 -na -saml true -iu -cst 240 -asca adfscert -std \custom\security\ -stp password -mi 10000 -ma 10200 -rf $HOME/ISP/BIN/nodeoptions.xml
The following table describes the SAML options and arguments:
Required. Set this value to true to enable SAML authentication for supported Informatica web applications within the Informatica domain.
Set this value to false to disable SAML authentication for supported Informatica web applications within the Informatica domain.
Required if the -saml option is true. Specify the identity provider URL for the domain. You must specify the complete URL string.
Optional. The allowed time difference between the Active Directory Federation Services (AD FS) host system clock and the master gateway node's system clock.
The lifetime of SAML tokens issued by AD FS by is set according to the AD FS host system clock. The lifetime of a SAML token issued by AD FS is valid if the start time or end time set in the token is within the specified number seconds of the master gateway node's system clock.
Values must be from 0 to 600 seconds. Default is 120 seconds.
Required if the -saml option is true. The alias name specified when importing the identity provider assertion signing certificate into the truststore file used for SAML authentication.
Optional. The directory containing the custom truststore file required to use SAML authentication on gateway nodes within the domain. Specify the directory only, not the full path to the file.
SAML authentication uses the default Informatica truststore if no truststore is specified.
Required if you use a custom truststore. The password for the custom truststore file.
See the
Informatica Command Reference
for instructions on using the infasetup defineDomain command.

Updated October 10, 2019