Table of Contents


  1. About the Security Guide
  2. Introduction to Informatica Security
  3. User Authentication
  4. LDAP Security Domains
  5. Kerberos Authentication
  6. Domain Security
  7. SAML Authentication for Informatica Web Applications
  8. Security Management in Informatica Administrator
  9. Users and Groups
  10. Privileges and Roles
  11. Permissions
  12. Audit Reports
  13. Command Line Privileges and Permissions
  14. Custom Roles
  15. Default List of Cipher Suites

Users and Groups Overview

Users and Groups Overview

During installation, a default administrator user account is created. Use the default administrator account to log in to the Informatica domain and manage application services, domain objects, and other user accounts. When you log in to the Informatica domain after installation, change the password to ensure security for the Informatica domain and applications.
User account management in Informatica involves the following key components:
  • Users. You can set up different types of user accounts in the Informatica domain. Users can perform tasks based on the roles, privileges, and permissions assigned to them.
  • Authentication. When a user logs in to an application client, the Service Manager authenticates the user account in the Informatica domain and verifies that the user can use the application client. The Informatica domain can use native or LDAP authentication to authenticate users. The Service Manager organizes user accounts and groups by security domain. It authenticates users based on the security domain the user belongs to.
  • Groups. You can set up groups of users and assign different roles, privileges, and permissions to each group. The roles, privileges, and permissions assigned to the group determines the tasks that users in the group can perform within the Informatica domain.
  • Privileges and roles. Privileges determine the actions that users can perform in application clients. A role is a collection of privileges that you can assign to users and groups. You assign roles or privileges to users and groups for the domain and for application services in the domain.
  • Operating system profiles. If you run the Integration Service on UNIX or Linux, you can configure the Integration Service to use operating system profiles. Use operating system profiles to increase security and to isolate the run-time environment for users. You can create and manage operating system profiles on the Security tab of the Administrator tool.
  • Account lockout. You can configure account lockout to lock a user account when the user specifies an incorrect login in the Administrator tool or any application clients, like the Developer tool and Analyst tool. You can also unlock a user account.

Updated October 10, 2019