Service Principal Requirements for Kerberos Authentication
Effective in 9.6.1, when you configure the domain to use Kerberos authentication, you can specify whether nodes and services can share service principal names (SPN) and keytab files.
You can select one of the following service principal levels:
- Node Level
- If the domain does not require a high level of security, you can use one SPN and keytab file for the node and all the service processes on the node.
- Process Level
- If the domain requires a high level of security, create a unique SPN and keytab file for each node and each process on the node.
Previously, the Informatica domain required a unique SPN and keytab file for each node and each process on the node.