Users
A user with an account in the Informatica domain can log in to the following application clients:
- •Informatica Administrator
- •Informatica Developer
The Users section of the Navigator organizes users into security domain folders. A security domain is a collection of user accounts and groups in an Informatica domain. Native authentication uses the Native security domain which contains the users and groups created and managed in the Administrator tool. LDAP authentication uses LDAP security domains which contain users and groups imported from the LDAP directory service.
When you select a security domain folder in the Users section of the Navigator, the contents panel displays all users belonging to the security domain. Right-click a user and select Navigate to Item to display the user details in the contents panel.
When you select a user in the Navigator, the contents panel displays the following tabs:
- •Overview. Displays general properties of the user and all groups to which the user belongs.
- •Privileges. Displays the privileges and roles assigned to the user for the domain and for application services in the domain.
Understanding User Accounts
An Informatica domain can have the following types of accounts:
- •Default administrator
- •Domain administrator
- •Application client administrator
- •User
An Informatica domain can have the following types of accounts:
- •Default administrator
- •Domain administrator
- •Application client administrator
- •User
The Informatica domain has a default administrator account.
Default Administrator
When you install Informatica services, the installer creates the default administrator with a user name and password you provide. You can use the default administrator account to initially log in to the Administrator tool.
The default administrator has administrator permissions and privileges on the domain and all application services.
The default administrator can perform the following tasks:
- •Create, configure, and manage all objects in the domain, including nodes, application services, and administrator and user accounts.
- •Configure and manage all objects and user accounts created by other domain administrators and application client administrators.
- •Log in to any application client.
The default administrator is a user account in the native security domain. You cannot create a default administrator. You cannot disable or modify the user name or privileges of the default administrator. You can change the default administrator password.
Domain Administrator
A domain administrator can create and manage objects in the domain.
The domain administrator can log in to the Administrator tool and create and configure application services in the domain. However, by default, the domain administrator cannot log in to application clients. The default administrator must explicitly give a domain administrator full permissions and privileges to the application services so that they can log in and perform administrative tasks in the application clients.
The domain administrator can log in to the Administrator tool and configure application services in the domain. However, by default, the domain administrator cannot log in to application clients. The default administrator must explicitly give a domain administrator full permissions and privileges to the application services so that they can log in and perform administrative tasks in the application clients.
To create a domain administrator, assign a user the Administrator role for a domain.
Application Client Administrator
An application client administrator can create and manage objects in an application client. You must create administrator accounts for the application clients. To limit administrator privileges and keep application clients secure, create a separate administrator account for each application client.
By default, the application client administrator does not have permissions or privileges on the domain. Without permissions or privileges on the domain, the application client administrator cannot log in to the Administrator tool to manage the application service.
You can set up the following application client administrators:
- Informatica Developer administrator
Has full permissions and privileges in Informatica Developer. The Informatica Developer administrator can log in to Informatica Developer to create and manage projects and objects in projects and perform all tasks in the application client.
To create an Informatica Developer administrator, assign a user the Administrator role for a Model Repository Service.
- Live Data Map administrator
- The administration tasks include configuring resources, assigning schedules, and custom attributes. The administrator also monitors the tasks that extract metadata using the resources.
User
A user with an account in the Informatica domain can perform tasks in the application clients.
Typically, the default administrator or a domain administrator creates and manages user accounts and assigns roles, permissions, and privileges in the Informatica domain. However, any user with the required domain privileges and permissions can create a user account and assign roles, permissions, and privileges.
Users can perform tasks in application clients based on the privileges and permissions assigned to them.
Managing Users
You can create, edit, and delete users in the native security domain. You cannot delete or modify the properties of user accounts in the LDAP security domains. You cannot modify the user assignments to LDAP groups.
You can create, edit, and delete users depending on the type of license. You can assign roles, permissions, and privileges to a user account. The roles, permissions, and privileges assigned to the user determines the tasks the user can perform within the Informatica domain.
You can assign roles, permissions, and privileges to a user account in the native security domain or an LDAP security domain. The roles, permissions, and privileges assigned to the user determines the tasks the user can perform within the Informatica domain.
You can also unlock a user account.