Communities
A collaborative platform to connect and grow with like-minded Informaticans across the globe
Product Communities
Connect and collaborate with Informatica experts and champions
Discussions
Have a question? Start a Discussion and get immediate answers you are looking for
User Groups
Customer-organized groups that meet online and in-person. Join today to network, share ideas, and get tips on how to get the most out of Informatica
Get Started
Community Guidelines
Knowledge Center
Troubleshooting documents, product guides, how to videos, best practices, and more
Knowledge Base
One-stop self-service portal for solutions, FAQs, Whitepapers, How Tos, Videos, and more
Support TV
Video channel for step-by-step instructions to use our products, best practices, troubleshooting tips, and much more
Documentation
Information library of the latest product documents
Velocity (Best Practices)
Best practices and use cases from the Implementation team
Learn
Rich resources to help you leverage full capabilities of our products
Trainings
Role-based training programs for the best ROI
Certifications
Get certified on Informatica products. Free, Foundation, or Professional
Product Learning Paths
Free and unlimited modules based on your expertise level and journey
Resources
Library of content to help you leverage the best of Informatica products
Tech Tuesdays Webinars
Most popular webinars on product architecture, best practices, and more
Product Availability Matrix
Product Availability Matrix statements of Informatica products
SupportFlash
Monthly support newsletter
Support Documents
Informatica Support Guide and Statements, Quick Start Guides, and Cloud Product Description Schedule
Product Lifecycle
End of Life statements of Informatica products
Ideas
Events
Change Request Tracking
Marketplace
English
  • Informatica Data Quality 10.4.1
  • All Products

Table of Contents

Search

  1. About the Security Guide
  2. Introduction to Informatica Security
  3. User Authentication
  4. LDAP Authentication
  5. Kerberos Authentication
  6. SAML Authentication for Informatica Web Applications
  7. Domain Security
  8. Security Management in Informatica Administrator
  9. Users and Groups
  10. Privileges and Roles
  11. Permissions
  12. Audit Reports
  13. Appendix A: Command Line Privileges and Permissions
  14. Appendix B: Custom Roles

Security Guide

Security Guide

Back Next

Azure Active Directory for Secure LDAP Authentication

Azure Active Directory for Secure LDAP Authentication

You can import users from Azure Active Directory (Azure AD) into an LDAP security domain.
Azure Active Directory Domain Services provide a secure LDAP public IP address that you use to import user accounts from Azure Active Directory into an LDAP security domain. Users you import can use their LDAP credentials to log in to Informatica nodes, services, and applications that run on virtual machines in an Azure Active Directory managed domain.
You must enable Secure Lightweight Directory Access Protocol (secure LDAP) authentication in Azure Active Directory Domain Services to authenticate Informatica users.
Complete the following steps to prepare to import user accounts from Azure Active Directory into an Informatica domain:
  1. Verify that port 636, which is the Azure Active Directory secure LDAP port, is accessible through your firewall.
  2. Enable secure LDAP authentication in Azure Active Directory Domain Services.
    You use the Azure portal to enable secure LDAP in Azure Active Directory Domain Services. For information about configuring secure LDAP in Azure Active Directory Domain Services, see the following link:
  3. When you configure the secure LDAP certificate in Azure Active Directory Domain Services, ensure that the Subject name on the certificate is the Fully Qualified Domain Name (FQDN) of Azure Active Directory.
  4. Convert the secure LDAP certificate from the PFX format to the PEM format. Java requires that the certificate is in the PEM format.
  5. Import the certificates used by all domain nodes into the Java
    cacerts
     truststore file in the following directory on a single gateway node in the domain:
    <Informatica installation directory>/java/jre/lib/security/
  6. Copy the
    cacerts
     file that contains the imported certificates to the same directory on every other gateway node in the domain.
  7. Add the Azure Active Directory public IP address and the Fully Qualified Domain Name (FQDN) of Azure Active Directory to the /etc/hosts file on each gateway node in the domain. Use the following format:
    <Azure Active Directory host IP address> ldaps.<FDQN of Azure Active Directory>
0 COMMENTS
We’d like to hear from you!