Step 2. Create Kerberos User Accounts in Active Directory
Step 2. Create Kerberos User Accounts in Active Directory
Create user accounts for the Kerberos principals in Active Directory. A Kerberos principal is a service or user within the Kerberos realm.
You create an account for each node process running in the domain. You also create an account for the HTTP process running on each gateway node in the domain.
You must also create a user account that is used to synchronize the LDAP security domain that contains Kerberos user accounts with Active Directory.
Create an account for each Informatica node process in the domain. For example, you might create the following accounts for the nodes in the example domain used in this scenario:
nodeuser01
for the node process running on node01
nodeuser02
for the node process running on node02
nodeuser03
for the node process running on node03
Create an account for the HTTP process running on each gateway node in the domain. For example, you might create the following accounts for the gateway nodes in the example domain used in this scenario:
httpuser01
for the HTTP process running on node01
httpuser02
for the HTTP process running on node02
You do not need to create an account for the HTTP process running on the worker node named node03.
Create an account that is used to access and search Active Directory during LDAP synchronization. For example, you might create an account named