Command Reference > infacmd isp Command Reference > PrintSPNAndKeytabNames
  

PrintSPNAndKeytabNames

Generates the list of SPN and keytab file names for the nodes and services in the domain. The Informatica domain requires a keytab file for each SPN. You might need to ask the Kerberos administrator to add the SPNs to the principal database and create the keytab files. The SPN and keytab file names are case sensitive.
The infacmd isp PrintSPNAndKeytabNames command uses the following syntax:
PrintSPNAndKeytabNames

<-DomainName|-dn> domain_name

<-ServiceRealmName|-srn> realm_name_of_node_spn

[<-Format|-fm> format_TEXT_CSV]

[<-OutputFile|-of> output_file_name]

[<-DomainNodes|-dns> Node1:HostName1 Node2:HostName2 ...]

[<-ServiceProcesses|-sps> ServiceName1:NodeName1 ServiceName2:NodeName2...]

[<-SPNShareLevel|-spnSL> SPNShareLevel PROCESS|NODE]
The following table describes infacmd isp PrintSPNAndKeytabNames options and arguments:
Option
Argument
Description
-DomainName
-dn
domain_name
Required. Name of the Informatica domain. You can set the domain name with the -dn option or the environment variable INFA_DEFAULT_DOMAIN. If you set a domain name with both methods, the -dn option takes precedence.
-ServiceRealmName
-srn
realm_name_of_node_spn
Required. Name of the Kerberos realm to which the Informatica domain services belong. The realm name must be in uppercase and is case sensitive.
-Format
-fm
format_TEXT_CSV
Optional. Output file format. Valid types include:
  • - Text
  • - CSV
If you do not specify a format, infacmd uses text format with lines wrapped at 80 characters.
-OutputFile
-of
output_file_name
Optional. Name and file path for the output file.
If you do not specify an output file name, infacmd displays the log events on the screen.
-DomainNodes
-dns
NodeName:HostName
[NodeName:Hostname]
Name of the node and the fully qualified host name of the machine that hosts the node. Use the following format: NodeName:HostName
You can generate SPNs and keytab file names for multiple nodes. Separate each node name and host name pair with a space.
-ServiceProcesses
-sps
ServiceName:Nodename
[ServiceName:Nodename]
Optional. Name of the service that you want to create in the Informatica domain and the name of the node on which the service will run. Use the following format: ServiceName:NodeName
You can generate SPNs and keytab file names for multiple services. Separate each service name and node name pair with a space.
Note: The keytab files for application services in the domain do not have to be available when you configure the domain to use Kerberos authentication. You can add the service SPN to the principal database and create the keytab after you change the Informatica domain authentication but before you enable the service.
SPNShareLevel
-spnSL
SPNShareLevel
PROCESS|NODE]
Optional. Indicates the service principal level for the domain. Set the property to one of the following levels:
  • - Process. The domain requires a unique service principal name (SPN) and keytab file for each node and each service on a node. The number of SPNs and keytab files required for each node depends on the number of service processes that run on the node. Recommended for production domains.
  • - Node. The domain uses one SPN and keytab file for the node and all services that run on the node. It also requires a separate SPN and keytab file for all HTTP processes on the node. Recommended for test and development domains. Recommended for test and development domains.
Default is process.