Informatica Administrator for Enterprise Data Catalog > Security Management > Domain Object Permissions

Domain Object Permissions

You configure privileges and permissions to manage user security within the domain. Permissions define the level of access a user has to a domain object. To log in to the Administrator tool, a user must have permission on at least one domain object. If a user has permission on an object, but does not have the domain privilege that grants the ability to modify the object type, then the user can only view the object.

You can configure permissions on the following types of domain objects:

You can use the following methods to manage domain object permissions:

•Manage permissions by domain object. Use the Permissions view of a domain object to assign and edit permissions on the object for multiple users or groups.
•Manage permissions by user or group. Use the Manage Permissions dialog box to assign and edit permissions on domain objects for a specific user or group.

Permissions by Domain Object

Use the Permissions view of a domain object to assign, view, and edit permissions on the domain object for multiple users or groups.

Assigning Permissions on a Domain Object

When you assign permissions on a domain object, you grant users and groups access to the object.

1. On the Manage tab, select the Services and Nodes view.

2. In the Navigator, select the domain object.

3. In the contents panel, select the Permissions view.

4. Click the Groups or Users tab.

5. Click Actions > Assign Permission.

The Assign Permissions dialog box displays all users or groups that do not have permission on the object.

6. Enter the filter conditions to search for users and groups, and click the Filter button.

7. Select a user or group, and click Next.

8. Select Allow, and click Finish.

Viewing Permission Details on a Domain Object

When you view permission details, you can view the origin of effective permissions.

1. On the Manage tab, select the Services and Nodes view.

2. In the Navigator, select the domain object.

3. In the contents panel, select the Permissions view.

4. Click the Groups or Users tab.

5. Enter the filter conditions to search for users and groups, and click the Filter button.

6. Select a user or group and click Actions > View Permission Details.

The Permission Details dialog box appears. The dialog box displays direct permissions assigned to the user or group, direct permissions assigned to parent groups, and permissions inherited from parent objects. In addition, permission details display whether the user or group is assigned the Administrator role which bypasses permission checking.

7. Click Close.

8. Or, click Edit Permissions to edit direct permissions.

Editing Permissions on a Domain Object

You can edit direct permissions on a domain object for a user or group. You cannot revoke inherited permissions or your own permissions.

Note: If you revoke direct permission on an object, the user or group might still inherit permission from a parent group or object.

1. On the Manage tab, select the Services and Nodes view.

2. In the Navigator, select the domain object.

3. In the contents panel, select the Permissions view.

4. Click the Groups or Users tab.

5. Enter the filter conditions to search for users and groups, and click the Filter button.

6. Select a user or group and click Actions > Edit Direct Permissions.

The Edit Direct Permissions dialog box appears.

7. To assign permission on the object, select Allow.

8. To revoke permission on the object, select Revoke.

You can view whether the permission is directly assigned or inherited by clicking View Permission Details.

9. Click OK.

Permissions by User or Group

Use the Manage Permissions dialog box to view, assign, and edit domain object permissions for a specific user or group.

Viewing Permission Details for a User or Group

When you view permission details, you can view the origin of effective permissions.

1. In the header of Infomatica Administrator, click Manage > Permissions.

The Manage Permissions dialog box appears.

2. Click the Groups or Users tab.

3. Enter a string to search for users and groups, and click the Filter button.

4. Select a user or group.

5. Select a domain object and click the View Permission Details button.

6. Click Close.

7. Or, click Edit Permissions to edit direct permissions.

Assigning and Editing Permissions for a User or Group

When you edit domain object permissions for a user or group, you can assign permissions and edit existing direct permissions. You cannot revoke inherited permissions or your own permissions.

Note: If you revoke direct permission on an object, the user or group might still inherit permission from a parent group or object.

1. In the header of Infomatica Administrator, click Manage > Permissions.

The Manage Permissions dialog box appears.

2. Click the Groups or Users tab.

3. Enter a string to search for users and groups and click the Filter button.

4. Select a user or group.

5. Select a domain object and click the Edit Direct Permissions button.

The Edit Direct Permissions dialog box appears.

6. To assign permission on the object, select Allow.

7. To revoke permission on the object, select Revoke.

You can view whether the permission is directly assigned or inherited by clicking View Permission Details.

8. Click OK.

9. Click Close.

Operating System Profile Permissions

Use the Configure Operating System Profiles dialog box to assign, view, and edit permissions on operating system profiles.

Assigning Permissions on an Operating System Profile

When you assign permissions on an operating system profile, PowerCenter users can run workflows assigned to the operating system profile.

1. On the Security tab, click Actions > Configure Operating System Profiles.

The Configure Operating System Profiles dialog box appears.

2. Select the operating system profile, and click the Permissions tab.

3. Select the Groups or Users view, and click the Assign Permission button.

The Assign Permissions dialog box displays all users or groups that do not have permission on the operating system profile.

4. Enter the filter conditions to search for users and groups, and click the Filter button.

5. Select a user or group, and click Next.

6. Select Allow, and click Finish.

Viewing Permission Details on an Operating System Profile

When you view permission details, you can view the origin of effective permissions.

1. On the Security tab, click Actions > Configure Operating System Profiles.

The Configure Operating System Profiles dialog box appears.

2. Select the operating system profile, and click the Permissions tab.

3. Select the Groups or Users view.

4. Enter the filter conditions to search for users and groups, and click the Filter button.

5. Select a user or group and click Actions > View Permission Details.

6. Click Close.

7. Or, click Edit Permissions to edit direct permissions.

Editing Permissions on an Operating System Profile

You can edit direct permissions on an operating system profile for a user or group. You cannot revoke inherited permissions or your own permissions.

Note: If you revoke direct permission on an object, the user or group might still inherit permission from a parent group or object.

1. On the Security tab, click Actions > Configure Operating System Profiles.

The Configure Operating System Profiles dialog box appears.

2. Select the operating system profile, and click the Permissions tab.

3. Select the Groups or Users view.

4. Enter the filter conditions to search for users and groups, and click the Filter button.

5. Select a user or group and click Actions > Edit Direct Permissions.

The Edit Direct Permissions dialog box appears.

6. To assign permission on the operating system profile, select Allow.

7. To revoke permission on the operating system profile, select Revoke.

You can view whether the permission is directly assigned or inherited by clicking View Permission Details.

8. Click OK.