You can assign privileges, roles, and permissions to users or groups of users to manage the level of access users and groups can have and the scope of the actions that users and groups can perform in the domain.
You can use the following methods to manage user and group access in the domain:
Privileges
Privileges determine the actions that users can perform in the Informatica client tools. You can assign a set of privileges to a user to restrict access to the services available in the domain. You can also assign privileges to a group to allow all users in the group the same access to services.
Roles
A role is a set of privileges that you can assign to users or groups. You can use roles to more easily manage assignments of privileges to users. You can create a role with limited privileges and assign it to users and groups that have restricted access to domain services. Or you can create roles with related privileges to assign to users and groups that require the same level of access.
Permissions
Permissions define the level of access that users have to an object. A user who has the privilege to perform a certain action might require permission to perform the action on a particular object. For example, to manage an application service, a user must have the privilege to manage services and permission on the specific application service.
Default Administrator Group
The Informatica domain has a system-defined Administrator group that includes all privileges and permissions for a service. Any user account that you add to the Administrator group has privileges and permissions on all services and objects in the domain. When you install Informatica services, the installer creates a user account that belongs to the Administrator group. You can use the default Administrator account to initially log in to the Administrator tool.