Table of Contents

Search

  1. Preface
  2. Analyst Service
  3. Catalog Service
  4. Content Management Service
  5. Data Integration Service
  6. Data Integration Service Architecture
  7. Data Integration Service Management
  8. Data Integration Service Grid
  9. Data Integration Service REST API
  10. Data Integration Service Applications
  11. Data Privacy Management Service
  12. Enterprise Data Preparation Service
  13. Interactive Data Preparation Service
  14. Informatica Cluster Service
  15. Mass Ingestion Service
  16. Metadata Access Service
  17. Metadata Manager Service
  18. Model Repository Service
  19. PowerCenter Integration Service
  20. PowerCenter Integration Service Architecture
  21. High Availability for the PowerCenter Integration Service
  22. PowerCenter Repository Service
  23. PowerCenter Repository Management
  24. PowerExchange Listener Service
  25. PowerExchange Logger Service
  26. SAP BW Service
  27. Search Service
  28. System Services
  29. Test Data Manager Service
  30. Test Data Warehouse Service
  31. Web Services Hub
  32. Application Service Upgrade
  33. Appendix A: Application Service Databases
  34. Appendix B: Connecting to Databases from Windows
  35. Appendix C: Connecting to Databases from UNIX or Linux
  36. Appendix D: Updating the DynamicSections Parameter of a DB2 Database

Application Service Guide

Application Service Guide

Operating System Profiles for the Metadata Access Service

Operating System Profiles for the Metadata Access Service

An operating system profile is a type of security that the Metadata Access Service uses to import and preview metadata at design time. Create operating system profiles and configure the Metadata Access Service to use operating system profiles.
The operating system profile contains the operating system user name, Hadoop impersonation properties, and permissions.
To increase security, create operating system profiles to divide users into specific groups. Each group is defined by the operating system profile and the configured operating system user. The groups manage mapping runs and control access to directories by specifying permissions for the operating system user in each operating system profile. The operating system user has read and write permissions to certain controlled directories. The operating system profile configuration must adequately control the directories where users have read and write permissions in order to mitigate security attacks that can result due to directory traversal. For example, if the operating system profile does not properly assign directory permissions, certain users can access files in unassigned directories.
When you configure the Metadata Access Service to use operating system profiles, the Metadata Access Service imports and preview metadata with the permissions of the operating system user that you define in the operating system profile. The operating system user must have access to the directories you configure in the profile and the directories the Metadata Access Service accesses at design time.
By default, the Metadata Access Service process imports and preview metadata using the permissions of the operating system user that starts Informatica Services. The Metadata Access Service has access only to the directories where the operating system user has read and write permissions. The Metadata Access Service provides the object metadata to the Developer tool.

0 COMMENTS

We’d like to hear from you!