You create and manage LDAP users and groups in the LDAP directory service. You set up a connection to the LDAP directory server and use search filters to specify the users and groups that you want to have access to the Informatica domain. You then import the user accounts into an LDAP security domain. If the LDAP server uses the SSL protocol, you must also specify the location of the SSL certificate.
After you import users into an LDAP security domain, you can assign roles, privileges, and permissions to the users. You can assign LDAP user accounts to native groups to organize the accounts based on their roles in the Informatica domain.
You cannot use the Administrator tool to create, edit, or delete users and groups in an LDAP security domain. You must make changes to LDAP users and groups in the LDAP directory service, and then synchronize the LDAP security domain with the LDAP directory service.
Use the LDAP Configuration dialog box to set up the connection to the LDAP directory service and create the LDAP security domain into which to import user accounts. You can also use the LDAP Configuration dialog box to set up a synchronization schedule.
To create an LDAP configuration, perform the following steps:
Configure the connection to the LDAP server that contains the directory service from which you want to import user accounts and groups.
Create an LDAP security domain for each set of user accounts and groups you want to import from the LDAP directory service.
Set up a schedule for the Service Manager to update the LDAP security domains with new or changed users and groups in the LDAP directory service.