Table of Contents

Search

  1. Preface
  2. Part 1: Version 10.4.1
  3. Part 2: Version 10.4.0
  4. Part 3: Version 10.2.2
  5. Part 4: Version 10.2.1
  6. Part 5: Version 10.2
  7. Part 6: Version 10.1.1
  8. Part 7: Version 10.1

Hive Connection

Hive Connection

Effective in version 10.2.2, the following Hive connection properties are renamed:
  • The Observe Fine Grained SQL Authorization property is renamed Fine Grained Authorization.
  • The User Name property is renamed LDAP username.
The following table describes the properties:
Property
Description
Fine Grained Authorization
When you select the option to observe fine grained authorization in a Hive source, the mapping observes the following:
  • Row and column level restrictions. Applies to Hadoop clusters where Sentry or Ranger security modes are enabled.
  • Data masking rules. Applies to masking rules set on columns containing sensitive data by Dynamic Data Masking.
If you do not select the option, the Blaze and Spark engines ignore the restrictions and masking rules, and results include restricted or sensitive data.
LDAP username
LDAP user name of the user that the Data Integration Service impersonates to run mappings on a Hadoop cluster. The user name depends on the JDBC connection string that you specify in the Metadata Connection String or Data Access Connection String for the native environment.
If the Hadoop cluster uses Kerberos authentication, the principal name for the JDBC connection string and the user name must be the same. Otherwise, the user name depends on the behavior of the JDBC driver. With Hive JDBC driver, you can specify a user name in many ways and the user name can become a part of the JDBC URL.
If the Hadoop cluster does not use Kerberos authentication, the user name depends on the behavior of the JDBC driver.
If you do not specify a user name, the Hadoop cluster authenticates jobs based on the following criteria:
  • The Hadoop cluster does not use Kerberos authentication. It authenticates jobs based on the operating system profile user name of the machine that runs the Data Integration Service.
  • The Hadoop cluster uses Kerberos authentication. It authenticates jobs based on the SPN of the Data Integration Service. LDAP username will be ignored.
For more information, see the
Informatica Big Data Management 10.2.2 User Guide
.

0 COMMENTS

We’d like to hear from you!