Kerberos is a computer network authentication protocol that uses cryptography to verify the identity of clients and servers. If you use Kerberos to authenticate Test Data Manager users, you must edit configuration files for the TDM Server.
You can enable Kerberos authentication in a domain that runs on a Windows network. The network must use Microsoft Active Directory Domain Services (AD DS) as the Kerberos principal database.
The Kerberos server uses the Kerberos tickets created during the Windows authentication process to verify the identity of the TDM Server and the Test Data Manager users before establishing a secure connection between the two.
To use Kerberos authentication, configure the following files for the TDM Server:
krb5.conf
. Contains configuration information for Kerberos. This file is stored in the following location:
<INFA_HOME>/TDM/datadirect
.
org.eclipse.virgo.kernel.authentication.config
. Contains authentication properties for the TDM Server, including driver information. This file is stored in the following location:
<INFA_HOME>/TDM/configuration
.
If you have multiple TDM servers, you must configure the files on each server.
You can use Test Data Management in an Informatica domain configured to use Kerberos cross-realm authentication. Kerberos cross-realm authentication enables Informatica clients that belong to one Kerberos realm to authenticate with nodes and application services that belong to another Kerberos realm.
For information about how to configure Kerberos network authentication and to configure the Informatica domain to use Kerberos cross-realm authentication, see the