Table of Contents

Search

  1. About the Security Guide
  2. Introduction to Informatica Security
  3. User Authentication
  4. LDAP Authentication
  5. Kerberos Authentication
  6. SAML Authentication for Informatica Web Applications
  7. Domain Security
  8. Security Management in Informatica Administrator
  9. Users and Groups
  10. Privileges and Roles
  11. Permissions
  12. Audit Reports
  13. Command Line Privileges and Permissions
  14. Custom Roles
  15. Default List of Cipher Suites

Creating an LDAP Configuration

Creating an LDAP Configuration

You can create one or more LDAP configurations to enable user accounts and user groups that you import from LDAP directory services to authenticate with an Informatica domain.
You create and manage LDAP users and groups in the LDAP directory service. You set up a connection to the LDAP directory server and use search filters to specify the users and groups that you want to have access to the Informatica domain. You then import the user accounts into an LDAP security domain. If the LDAP server uses the SSL protocol, you must also specify the location of the SSL certificate.
After you import users into an LDAP security domain, you can assign roles, privileges, and permissions to the users. You can assign LDAP user accounts to native groups to organize the accounts based on their roles in the Informatica domain.
You cannot use the Administrator tool to create, edit, or delete users and groups in an LDAP security domain. You must make changes to LDAP users and groups in the LDAP directory service, and then synchronize the LDAP security domain with the LDAP directory service.
Use the LDAP Configuration dialog box to set up the connection to the LDAP directory service and create the LDAP security domain into which to import user accounts. You can also use the LDAP Configuration dialog box to set up a synchronization schedule.
To create an LDAP configuration, perform the following steps:
  1. Configure the connection to the LDAP server that contains the directory service from which you want to import user accounts and groups.
  2. Create an LDAP security domain for each set of user accounts and groups you want to import from the LDAP directory service.
  3. Set up a schedule for the Service Manager to update the LDAP security domains with new or changed users and groups in the LDAP directory service.


Updated June 26, 2020