PC8.5 - Level1 - Administrator - Student Guide PDF

PowerCenter 8.
5
Level I Administrator
Student Guide
Version L1A_20080313
PowerCenter 8.5 Level I Administrator Lab Guide

Version 03
March 2008
Copyright (c) 2008 Informatica Corporation.
All rights reserved. Printed in the USA.
This software and documentation contain proprietary information of Informatica Corporation and are provided under a license agreement
containing restrictions on use and disclosure and are also protected by copyright law. Reverse engineering of the software is prohibited. No
part of this document may be reproduced or transmitted in any form, by any means (electronic, photocopying, recording or otherwise)
without prior consent of Informatica Corporation.
Use, duplication, or disclosure of the Software by the U.S. Government is subject to the restrictions set forth in the applicable software
license agreement and as provided in DFARS 227.7202-1(a) and 227.7702-3(a) (1995), DFARS 252.227-7013(c)(1)(ii) (OCT 1988), FAR
12.212(a) (1995), FAR 52.227-19, or FAR 52.227-14 (ALT III), as applicable.
The information in this document is subject to change without notice. If you find any problems in the documentation, please report them
to us in writing. Informatica Corporation does not warrant that this documentation is error free. Informatica, PowerMart, PowerCenter,
PowerChannel, PowerCenter Connect, MX, and SuperGlue are trademarks or registered trademarks of Informatica Corporation in the
United States and in jurisdictions throughout the world. All other company and product names may be trade names or trademarks of their
respective owners.
Portions of this software are copyrighted by DataDirect Technologies, 1999-2002.
Informatica PowerCenter products contain ACE (TM) software copyrighted by Douglas C. Schmidt and his research group at Washington
University and University of California, Irvine, Copyright (c) 1993-2002, all rights reserved.
Portions of this software contain copyrighted material from The JBoss Group, LLC. Your right to use such materials is set forth in the
GNU Lesser General Public License Agreement, which may be found at http://www.opensource.org/licenses/lgpl-license.php. The JBoss
materials are provided free of charge by Informatica, as-is, without warranty of any kind, either express or implied, including but not
limited to the implied warranties of merchantability and fitness for a particular purpose.
Portions of this software contain copyrighted material from Meta Integration Technology, Inc. Meta Integration is a registered trademark
of Meta Integration Technology, Inc.
This product includes software developed by the Apache Software Foundation (http://www.apache.org/). The Apache Software is
Copyright (c) 1999-2005 The Apache Software Foundation. All rights reserved.
This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit and redistribution of this software is
subject to terms available at http://www.openssl.org. Copyright 1998-2003 The OpenSSL Project. All Rights Reserved.
The zlib library included with this software is Copyright (c) 1995-2003 Jean-loup Gailly and Mark Adler.
The Curl license provided with this Software is Copyright 1996-2007, Daniel Stenberg, <Daniel@haxx.se>. All Rights Reserved.
The PCRE library included with this software is Copyright (c) 1997-2001 University of Cambridge Regular expression support is provided
by the PCRE library package, which is open source software, written by Philip Hazel. The source for this library may be found at
ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre.
InstallAnywhere is Copyright 2005 Zero G Software, Inc. All Rights Reserved.
Portions of the Software are Copyright (c) 1998-2005 The OpenLDAP Foundation. All rights reserved. Redistribution and use in source
and binary forms, with or without modification, are permitted only as authorized by the OpenLDAP Public License, available at
http://www.openldap.org/software/release/license.html.
This Software is protected by U.S. Patent Numbers 6,208,990; 6,044,374; 6,014,670; 6,032,158; 5,794,246; 6,339,775 and other U.S. Patents
Pending.
DISCLAIMER: Informatica Corporation provides this documentation as is without warranty of any kind, either express or implied,
including, but not limited to, the implied warranties of non-infringement, merchantability, or use for a particular purpose. The information
provided in this documentation may include technical inaccuracies or typographical errors. Informatica could make improvements and/or
changes in the products described in this documentation at any time without notice.
Preface
Welcome to the PowerCenter 8.5 level One Administrator course.

Administrating a major software package such as PowerCenter is a considerable challenge which requires
a solid understanding of the software and careful planning. This course will prepare you for that
challenge by teaching you Informaticas proven architecture and best practices for successful
administration.
In the labs, you will document the PowerCenter environment according to established best practices.
You will practice the steps of installing and configuring PowerCenter 8.5 services, implementing domain
security and managing the repository. Project phase deployments as well as implementation of subject
area security are also examined. In all of this you will be guided by Informaticas Velocity methodology.
iii
About This Guide

Course Objectives
Welcome to the Upgrading to PowerCenter 8 course.
After completing this course, you should be able to:
Describe Informaticas Administrative best practices

Install and configure Informatica services and client tools
Implement domain security
Manage the repository
Deployments between repositories on same server
Deployments between servers
Subject Area security implementation
Audience
This course is designed for PowerCenter administrators or developers with minimal experience using
PowerCenter 8 or 8.5. You should also be familiar with basic database and data integration terminology
and comfortable with the use of the Microsoft Windows operating system.
Document Conventions
This guide uses the following formatting conventions:
If you see
It means
Example
>
Indicates a submenu to navigate to.
Click Repository > Connect.
In this example, you should click the Repository menu or button

and choose Connect.
boldfaced text
Indicates text you need to type or enter.
Click the Rename button and name the new source

definition S_EMPLOYEE.
UPPERCASE
Database tables and column names are shown

in all UPPERCASE.
T_ITEM_SUMMARY
italicized text
Indicates a variable you must replace with

specific information.
Connect to the Repository using the assigned login_id.
Note:
The following paragraph provides additional

facts.
Note: You can select multiple objects to import by

using the Ctrl key.
Tip:
The following paragraph provides suggested

uses or a Velocity best practice.
Tip: The m_ prefix for a mapping name is
Other Informatica Resources

In addition to the student guides, Informatica provides these other resources:
Informatica Documentation
Informatica Customer Portal
Informatica web site
Informatica Developer Network
Informatica Knowledge Base
Informatica Professional Certification
Informatica Technical Support
Obtaining Informatica Documentation

You can access Informatica documentation from the product CD or online help.
Visiting Informatica Customer Portal

As an Informatica customer, you can access the Informatica Customer Portal site at
http://my.informatica.com. The site contains product information, user group information, newsletters,
access to the Informatica customer support case management system (ATLAS), the Informatica
Knowledge Base, and access to the Informatica user community.
Visiting the Informatica Web Site

You can access Informaticas corporate web site at http://www.informatica.com. The site contains
information about Informatica, its background, upcoming events, and locating your closest sales office.
You will also find product information, as well as literature and partner information. The services area of
the site includes important information on technical support, training and education, and implementation
services.
Visiting the Informatica Developer Network

The Informatica Developer Network is a web-based forum for third-party software developers. You can
access the Informatica Developer Network at the following URL:
http://devnet.informatica.com
The site contains information on how to create, market, and support customer-oriented add-on solutions
based on interoperability interfaces for Informatica products.
Visiting the Informatica Knowledge Base

As an Informatica customer, you can access the Informatica Knowledge Base at
http://my.informatica.com. The Knowledge Base lets you search for documented solutions to known
technical issues about Informatica products. It also includes frequently asked questions, technical white
papers, and technical tips.
Obtaining Informatica Professional Certification

You can take, and pass, exams provided by Informatica to obtain Informatica Professional Certification.
For more information, go to:
http://www.informatica.com/services/education_services/certification/default.htm
Providing Feedback
Email any comments on this guide to education@informatica.com.
Obtaining Technical Support

There are many ways to access Informatica Technical Support. You can call or email your nearest
Technical Support Center listed in the following table, or you can use our WebSupport Service.
Use the following email addresses to contact Informatica Technical Support:
support@informatica.com for technical inquiries

support_admin@informatica.com for general customer service requests
WebSupport requires a user name and password. You can request a user name and password at
http://my.informatica.com.
North America / South America
Europe / Middle East / Africa
Asia / Australia
Informatica Corporation
Headquarters
100 Cardinal Way
Redwood City, California
94063
United States
Informatica Software Ltd.

6 Waltham Park
Waltham Road, White Waltham
Maidenhead, Berkshire
SL6 3TN
United Kingdom
Informatica Business Solutions

Pvt. Ltd.
301 & 302 Prestige Poseidon
139 Residency Road
Bangalore 560 025
India
Toll Free
877 463 2435
Toll Free
00 800 4632 4357
Toll Free
Australia: 00 11 800 4632 4357
Singapore: 001 800 4632 4357
Standard Rate
United States: 650 385 5800
Standard Rate
Belgium: +32 15 281 702
France: +33 1 41 38 92 26
Germany: +49 1805 702 702
Netherlands: +31 306 022 797
United Kingdom: +44 1628 511 445
Standard Rate
India: +91 80 5112 5738
0.1
Course Introduction
Module 0: Course Introduction
PowerCenter 8.5 Level 1 Administrator
Copyright 2008 Informatica Corp
0.2
Course Introduction
Module Agenda
> This module provides an introduction to:
Instructor and class participants
Training site information
Course:
> Audience and prerequisites
> Goal and objectives
> Methodology and materials
> Agenda
> Document conventions
Additional resources and technical support

Informatica Certification
2 of 26
0.3
Course Introduction
Instructor and Class Participants

> Who are you?
Name
Company
Role
> What is your prior experience?

Informatica Applications
Relational database
Programming
> How do you expect to benefit from this course?

3 of 26
0.4
Course Introduction
Training Site Information

> Bathrooms
> Class duration and breaks
> Telephones
> Meals and refreshments
> Fire Exits
> Questions?
4 of 26
0.5
Course Introduction
Course Audience
> This course is designed for Administrators of
PowerCenter 8.5
Server Administrators
PowerCenter Developers
5 of 26
0.6
Course Introduction
Course Prerequisites
> Skills assumed by the course material/required to
successfully complete the course
6 of 26
0.7
Course Introduction
Course Goal
> To enable participants to administer the
PowerCenter 8 Service-Oriented Environment
7 of 26
0.8
Course Introduction
Course Objectives
Describe, create and implement the primary elements
of PowerCenters Service Oriented Architecture.
Create and implement a PowerCenter Security Domain
Create and implement Deployment Strategies
Use Command-Line Scripting to perform many
administrative functions
Develop and implement a PowerCenter Recovery
Strategy
8 of 26
0.9
Course Introduction
Course Methodology
> Subject matter is delivered via:
Lecture and slide presentations
Software demonstrations
Class discussions
Hands-on labs
Simulated exercises
9 of 26
0.10
Course Introduction
Course Materials
> Student Guide
All slides presented during lecture
Notes that provide additional information and
references
> Lab Guide

Hands-on lab exercises and solutions
> Media
Best Practices PDF
10 of 26
0.11
Course Introduction
Overview of Course Flow

Unit 1.
PowerCenter 8.5
SOA
Unit 2.
Best Practices
Unit 3.
Implement
Environment
Unit 4.
Configuring
Services
Unit 5.
Unified Security
Unit 6.
Repository
Management
Unit 7.
Deployments
Unit 8.
Command-Line
Programs
Unit 7.
Subject Areas
11 of 26
0.12
Course Introduction
Document Conventions
If you see
It means
Example
>
Indicates a submenu to navigate

to
Click Repository > Connect.
Boldfaced text
Indicates text you need to type or

enter
Click the Rename button and name the new

source definition S_EMPLOYEE.
UPPERCASE
Database tables and column

names are all shown in
uppercase
T_ITEM_SUMMARY
Italicized text
Indicates a variable you must

replace with specific information
Connect to the Repository using the assigned

login_id.
Note:
The following paragraph contains

additional facts
Note: You can select multiple objects to import by

using the Ctrl key.
Tip:
The following paragraph provides

suggested uses or a Velocity best
practice
Tip: The m_ prefix for a mapping name is a

Velocity best practice.
In this example, you click the Repository menu or

button and choose Connect.
12 of 26
0.13
Course Introduction
Other Informatica Resources

> In addition to the student guides, Informatica
provides these other resources:
Informatica Customer Portal
Informatica Website
Informatica Developer Network
Informatica Knowledge Base
13 of 26
0.14
Course Introduction
> Can be accessed:
From the product CD
Using online help
14 of 26
0.15
Course Introduction
The Informatica Customer Portal

> Is available to Informatica customers and partners
at http://my.informatica.com
> This Website provides:
Product information
User group information
Newsletters
Access to ATLAS
Informatica Knowledge
Base
Access to the Informatica user community
15 of 26
0.16
Course Introduction
Accessing the Customer Portal

> Use your company email id to register
Once approved you will have
default access
> Default provides access to

Most recent documentation
Knowledge base
> Default does not provide access to online support

Use Project ID to request access to online support
Once approved you can create Service Requests
16 of 26
0.17
Course Introduction
The Informatica Corporate Website

> Can be accessed at
http://www.informatica.com
> This Website provides:
Corporate information
and background
Upcoming events
How to locate your nearest
sales office
Product information, literature, and partner information
Information on technical support, training, education,
and implementation services
17 of 26
0.18
Course Introduction
The Informatica Knowledge Base

> Can be accessed via the Customer Portal
http://my.informatica.com
> Contains
Documented solutions to known technical issues
Answers to frequently-asked
questions
(FAQs)
White papers
Technical tips
18 of 26
0.19
Course Introduction
Knowledge Base Search

> Generic
> Specific
19 of 26
0.20
Course Introduction
The Informatica Developer Network

> Can be accessed at
http://devnet.informatica.com
> Is a Web-based
forum for third-party
software developers
> Contains information
on:
How to create, market, and support customer-oriented
add-on solutions
Based on interoperability interfaces for Informatica
products
20 of 26
0.21
Course Introduction

> Can be accessed by:
Calling or emailing your nearest Technical Support
Center
> See Student Note
Emailing Informatica Technical Support directly:

> Technical inquiries: support@informatica.com
> General customer service requests:
support_admin@informatica.com
Online using the Informatica WebSupport Service

> Obtain a username and password at
http://my.informatica.com
Informatica Technical
Support Centers
North America/South America
21 of 26
Informatica Corporation
Headquarters
100 Cardinal Way
Redwood City, CA, 94063 United
States
Toll Free 877 463 2435
Standard Rate US 650 385 5800
Europe/Middle East/Africa
45
Asia/Australia
Informatica Business Solutions

Pvt. Ltd.
301 & 302 Prestige Poseidon
139 Residency Road
Bangalore 560 025 India
Toll Free
Australia 00 11 800 4632 4357
Singapore 001 800 4632 4357
Standard Rate India +91 80 5112

5738
0.22
Course Introduction
Creating a Service Request

> Check the Knowledge Base to see if a solution
exists
If so, a Service Request is not required
> On the Online Support page, navigate to the

Service Requests tab
> Click the New button
22 of 26
0.23
Course Introduction
Creating a Service Request Continued

> On the service request form, fill out all required
fields
In the Description field, give as much relevant detail as
possible so engineers can recreate the problem if
necessary
> Click Submit
23 of 26
0.24
Course Introduction
Informatica Certification Program

> We need to develop a set of boilerplate slides to
put here for courses leading to certification
Basic information slide
Benefits of certification slide
Certification path slide (diagram?)
Study guidelines?
Information about certification tests
24 of 26
0.25
Course Introduction
Summary
> This module provided an introduction to:
Instructor and class participants
Training site information
Course:
> Audience and prerequisites
> Goal and objectives
> Methodology and materials
> Agenda
> Document conventions
Additional resources and technical support

Informatica Certification
25 of 26
Course Introduction
0.26
1.1
Primary Elements of PC8.5 SOA
Module 1: Primary Elements of PC8.5 SOA
1.2
Module Objectives
After completing this module you will be able to:
Discuss the essentials of the PowerCenter 8.5 Architecture
Why you need these skills/Why you need to know:

Provides the student include a high-level understanding
of the PowerCenter 8.5 Architecture.
2 of 18
1.3
PowerCenter 8.5 Architecture

ODBC
1
Sources
Native drivers/
ODBC
Domain
Integration
Service
Native drivers/
ODBC
Targets
TCP/IP
TCP/IP
ODBC
TCP/IP
Repository
Service
Repository
Service Process
PowerCenter Client
HTTPS
Administration
Console
Security Domain
Native drivers
Repository
3 of 18
Security Domain - a collection of user accounts and groups in a PowerCenter

domain. User account information for each security domain is stored in the
domain configuration database.
1.4
Domain Node
A logical name assigned to a physical machine
Node has physical attributes (HostName, PortNo)
Each node runs a Service Manager

Two types: Gateway and Worker Nodes
4 of 18
1.5
Gateway Node
Created during installation
Additional Gateway Nodes can be created as
backups
One Gateway Node serves as the Master
The Master Gateway Node receives requests from
clients and routes them to the appropriate services
Purpose of the Gateway node:
Starts up and manages services running on the domain

Manages domain configuration metadata
Provides service lookup for clients
Checks for service availability
Coordinates failover of services
Note
5 of 18
Every domain must have one and only one node designated as the Gateway
node. However, with the High Availability feature, one or more backup gateway
nodes may also be designated for failover.
1.6
Worker Node
Can run Application Services
Can not act as a Gateway
Uses information from the nodemeta.xml file to connect
to the domain
6 of 18
1.7
PowerCenter 8 Services
The functionality of PowerCenter 8 is provided by
services, including:
Service Manager
Manages application services
Provide functions internal to the workings of the product
Always required and running
Application Services
Configured by Informatica Administrator
Provides key visible functions
External clients directly interact with these services
7 of 18
Note
The terms PowerCenter Server and Repository Server are no longer used in
PowerCenter 8.
The key application services are:

Repository Service
Integration Service
SAP BW Service
Web Services Hub
The SAP BW Service and Web Services Hub are beyond the scope of this
course.
1.8
Service Manager
Primary control point for PowerCenter Services
Runs as a lightweight service on a Web application
server - Tomcat
Provides functions including:
Security: authentication and authorization
Configuration: domains and nodes
General functionality: alerts, licensing, and logging
The Informatica Service

On Windows, Informatica Services 8.5 in the Control
Panel Services
On Unix, the infaservice.sh script
8 of 18
1.9
Service Manager Example

1
PowerCenter
Service
Manager
Repository
Database
Web Services
Hub Service
Gateway
(Backup)
SAP BW
Service
Logs
Integration
Service
Grid
Gateway
(Primary)
Domain
Metadata
Log
Operation
9 of 18
1.10
Application Services Example

PowerCenter
Application
Services
Integration
Service (B)
Repository
Database
Web Services
Hub Service
Repository
Service (P)
Logs
SAP BW
Service
Integration
Service
Grid
Master
Gateway
Domain
Metadata
Integration
Service (P)
Repository
Service (B)
Note
10 of 18
Though in these diagrams each of the various services is shown as residing on

a separate machine this is not necessarily the case, and generally is not.
1.11
PowerCenter 8.5 Logs

The log function is provided by the Service Manager
Two functions provide logging:
Log Manager implemented at the gateway node

Log Agent implemented at all other nodes in the domain
which run an integration service
11 of 18
Log Manager runs on the master gateway node. It collects and processes log events for
Service Manager domain operations and application services. The log events contain
operational and error messages for a domain. The Log Manager receives log events from
the Service Manager and the application services. When the Log Manager receives log
events, it generates log event files. Those log events files are viewable in the
Administration Console.
The Log Agent runs on the nodes to collect and process log events for session and
workflows. Sessions log events include information about the tasks performed by the
Integration Service, session errors, and load summary and transformation statistics for
the session. Workflow log events include information about tasks performed by the
Integration Service, workflow processing, and workflow errors. Session and Workflow log
events are viewable with the Log Events window in the Workflow Monitor.
1.12
Domain Administration
Single primary PowerCenter Administrator
Created during installation
Other Administrators can be assigned ownership
(write permission) for:
Nodes
Services
Folders, including nested folders
Write permission cascades

Example: write permission for a folder includes all objects
in the folder
12 of 18
1.13

IC3
Domain Metadata
Domain metadata is stored in an RDBMS
Stored in small set of tables using BLOBs
Upgrade plan must include a schema for these
tables
Typically <10Mb
Domain Metadata
Authentication
Configuration
Resource Map
13 of 18
Note
Currently, the domain metadata repository contains four tables.
Slide 13
IC3
Why do you say that there are only 4 tables? It looks to me that there are 11 tables comprising the domain
metadata.
Informatica Corporation, 3/4/2008
1.14

IC4
Domain Configuration Schema

Stores metadata for domain configuration
Six tables, prefixed with PCSF_
PCSF_CPU_USAGE_SUMMARY
PCSF_DOMAIN
PCSF_MASTER_ELECTION
PCSF_MASTER_ELECT_LOCK
PCSF_REPO_USAGE_SUMMARY
PCSF_RUN_LOG
All gateway nodes must have a connection to the

domain configuration schema
Service Manager on master gateway node manages the
domain configuration
14 of 18
Each time you make a change to the domain, the Service Manager writes the change to the domain
configuration. For example, when you add a node to the domain, the Service Manager adds the node
information to the domain configuration. The gateway nodes use a JDBC connection to access the domain
configuration database.
Perform the following domain configuration management tasks:
Back up the domain configuration
Restore the domain configuration
Migrate the domain configuration
Configure the connection to the domain configuration database
Custom properties - Use custom properties only if Informatica Global Customer Support instructs
you to do so
Slide 14
IC4
Same here, it looks to me that there are 11 tables comprising the domain metadata. The new security tables
are not included here.
Informatica Corporation, 3/4/2008
1.15
PowerCenter 8.5 Packaging

One installation DVD or electronic software
download
Includes both Advanced and Standard Edition

Includes both Unix and Windows versions
Access to features is controlled by license key
License Key File shipped electronically

Documentation DVD
15 of 18
1.16
PC8 Installation and Configuration

2 Installers
Services
Client
Option to Upgrade
Minimal Install requires:

Install Services
Must create or Join a Domain
Must define and configure Node
Install Client Tools
Informatica is one Service to the OS
16 of 18
1.17
Summary
This module showed you how to:
Discuss the essentials of the PowerCenter 8.5 Architecture
Why you need to know:

Provides the student include a high-level understanding
of the PowerCenter 8.5 Architecture.
17 of 18
1.18
2.1
Best Practices
Module 2: Best Practices
PowerCenter 8 Level I Administrator
2.2
Best Practices
Module Objectives
Configure a PowerCenter 8.5 environment using
recognized Best Practices

Educate the student to use all the knowledge and
technology at one's disposal to ensure success
2 of 20
2.3
Best Practices
Naming Conventions
Velocity Best Practices recommend naming
conventions for Administrative objects
Smoothes migrations
Improves readability
Whether or not you use the recommended

conventions, Best Practices strongly urges that you use
some naming conventions
Failure to do so can result in significant lost time with
interpretations
Effective use of description fields also adds with future
interpretations
3 of 20
2.4
Best Practices
Repository Objects
Should be named descriptively
L for Local or G for Global
Service Type prefix
Velocity Recommends REPO_SVC
Purpose for the object

For Example Project Name, Subject Area name
Project Phase descriptor

Dev, Test or Prod
Example: G_REPO_SVC_CustomerMaster_Dev would equate

to a global repository for Customer Master data in the
Development environment
4 of 20
2.5
Best Practices
Folders and Groups

Folder and group names should include their project
name
If more than one folder/group for a project, add
description
Example: DW_SALES_US and DW_SALES_UK are associated

with the same project (DW) and the same group (SALES)
Individual developer folders and non-prod folders

should begin with z_
Group them together
Avoids confusion with working folders
5 of 20
2.6
Best Practices
ODBC Data Source Names

Should be named consistently on all client machines
PowerCenter uniquely describes a source by its Database
Data Source (DBDS) name, which is the same as the ODBC
DSN
Using different names risks analyzing the same table under
multiple names
Should be configured as System DSNs so all users can

see them
Provides consistency when collaborating on colleagues
machines
Do not use project phase descriptors (e.g., dev) in the

ODBC DSN
The DSNs migrate with the sources and targets you do not
want a dev DSN in your prod repository!
6 of 20
If ODBC DSNs are different across multiple machines, there is a risk of analyzing the same table
using different names. For example, machine1 has ODBS DSN Name0 that points to database1.
TableA gets analyzed in on machine 1. TableA is uniquely identified as Name0.TableA in the
repository. Machine2 has ODBS DSN Name1 that points to database1. TableA gets analyzed in on
machine 2. TableA is uniquely identified as Name1.TableA in the repository. The result is that the
repository may refer to the same object by multiple names, creating confusion for developers,
testers, and potentially end users.
Also, refrain from using environment tokens in the ODBC DSN. For example, do not call it
dev_db01. When migrating objects from dev, to test, to prod, PowerCenter can wind up with
source objects called dev_db01 in the production repository. ODBC database names should
clearly describe the database they reference to ensure that users do not incorrectly point sessions
to the wrong databases.
2.7
Best Practices
ODBC Data Source Names (Contd)

Should be named with database descriptor and connect
string.
Use the @ or _ to separate descriptors
Examples
DatabaseName@ConnectString
E.g. - custInfo@EDW
7 of 20
2.8
Best Practices
Database Connections
Ideally should be User_DatabaseName
However, security considerations may apply follow those
first and foremost
Do not use
Machine names
Project phase descriptors (Dev, Test or Prod)
The same naming convention should be used across

all project phases.
Ideally created by project administrators only
Use permission options to protect connections
Avoid developers creating their own connections
8 of 20
Database connection names must be very generic to be

understandable and ensure a smooth migration.
2.9
Best Practices
Database Connections (Contd)

Examples
User_DatabaseName
E.g. - ordersUser@EDW
9 of 20
2.10
Best Practices
Domain and Application Objects

Domains
Nodes
DOM_Project_ProjectPhase Descriptor
or
DMN_Project_ProjectPhaseDescriptor
NODE(#)_ServerName_(optional descriptor)
Integration Services
INT_SVC_ProjectPhaseDescriptor_(optional
descriptor)
Repository Services
REPO_SVC_ProjectPhaseDescriptor_(optional
descriptor)
Web Services
WEB_SVC_ProjectPhaseDescriptor_(optional
descriptor)
10 of 20
2.11
Best Practices
Domain Configurations
PC8.5 Domain Architecture
Simplified administration of disparate PowerCenter services
across the enterprise
Allows for grouping of services and objects based on
ownership
Single point of entry to administrator the PowerCenter

environment that can span multiple nodes
Key Domain Components

Master Gateway
Shared File System
Domain Metadata
11 of 20
2.12
Best Practices
PowerCenter Domain Examples

Single PowerCenter
Node
DOM_MyCompany
Master Gateway
Service
Manager
Web
Services
Hub
Log
Service
Integration
Service
Repository
Service
Any number of services

can exist on one node
That one node is the
master gateway
Single PowerCenter
Domain for Dev, Test
and Prod
Multiple Divisions
within the company
have projects on single
installation
Node_01
Repository
12 of 20
2.13
Best Practices
PowerCenter Domain Examples

Multiple PowerCenter
Nodes
DOM_MyCompany
Master Gateway
Service
Manager
Log
Service
Service
Manager
Integration
Service
Repository
Service
Node_01_HR
Single Domain
Installation exists on
more than one node
Grid Functionality
available
Distributed Services
Node_02_HR
Services can be
distributed on several
nodes within a single
domain
More Nodes can be

installed per company
division
13 of 20
2.14
Best Practices
Complete Distribution Example

Dom_Dev_Test
Dev/Test Domain
Master Gateway
Log
Service
Isolated from Prod

server
Services be installed
on one or more nodes
More nodes can be
added for additional
company divisions
Service
Manager
Integration
Service
Repository
Service
Node_01_HR_Dev
Services can be
distributed across
domains
14 of 20
2.15
Best Practices
Complete Distribution Example (Contd)

Prod Domain
Master Gateway
Log
Service
Service
Manager
Service
Manager
Integration
Service
Repository
Service
Node_01_HR_Prod
Node_02_HR_Prod
Isolated from Dev/Test

environment
Services within Prod

Domain
Can be distributed to
execute on separate
nodes
Or multiple services
can exist on one
node/division
15 of 20
2.16
Best Practices
Security Configurations
Domain Folders can be used to
better secure domain objects
and services
Can contain Nodes, Services,
Grids, Licenses, and other Folders
Domain folder type

Functionality
Object
Environment
Create User Accounts

Set permissions and privileges to
the folders the user needs to
access
16 of 20
2.17
Best Practices
Domain Documentation
Host Directory Structure Document
Velocity Document used to detail the organizations
PowerCenter Environment
Multiple Domains will require multiple documents

Describes the Domain, Nodes, Application Services,
Process Variables, etc.
This document can be modified to serve the
customers organizational needs
17 of 20
2.18
Best Practices
Host Directory Structure - Example
18 of 20
2.19
Best Practices
Module 2 Lab: Naming Practice

In this lab you will
Document Domain architecture requirements for Mersche
Motors using the Host Directory Structure document
19 of 20
2.20
Best Practices
Summary
Configure a PowerCenter 8.5 environment using
recognized Best Practices

Educate the student to use all the knowledge and
technology at one's disposal to ensure success
20 of 20
3.1
Implementing a PC 8.5 Environment
Module 3: Implementing a PC 8.5 Environment
3.2
Module Objectives
Prepare for and Install PowerCenter 8.5.
This module will enable the Administrator to smoothly
implement PowerCenter 8.5 components.
2 of 29
3.3
PowerCenter 8.5 Installation

PowerCenter Installer can be run several times to
install PC components on multiple host machines
When the Installer is exectued for the first time, a
Domain and Node are created.
Each subsequent installation can then create a Node
and join the existing Domain or create a new Domain.
After PowerCenter 8.5 is installed, the Administration
Console is used to create and configure PC services
and Domain objects
3 of 29
3.4

To Install PowerCenter 8.5, complete the following
tasks:
Complete the pre-installation tasks
Install PowerCenter 8.5 services
Install PowerCenter 8.5 clients
Create Repositories and Services
4 of 29
3.5

Pre-Installation tasks
Pre-Install Steps Pre-Install Task
1
Review the installation prerequisites and verify

that the environment meets the requirements.
Create schema/user that contains the
PowerCenter domain configuration tables.
Determine the machines and port numbers to
run PowerCenter Services in the domain.
Create host system user account to own the
installation files and possibly the Powercenter
output files.
Configure environment variables to install
PowerCenter.
Create a keystore file to use a secure
connection with HTTPS.
2
3
4
5
6
5 of 29
3.6

Server Installation Wizard
6 of 29
3.7

7 of 29
3.8

8 of 29
3.9

9 of 29
3.10
HTTPS Configuration
Create or use existing keystore
Select this
option to use
a keystore file
you specify.
The keystore
file can be
self signed or
signed by a
certification
authority.
Select this
option to
use a selfsigned
keystore file
generated
by the
PowerCenter
installer.
Specify the
port number
to use.
Specify the
port number
and the
location and
password of
the keystore.
10 of 29
3.11
HTTPS
Domain.
Create or specify a keystore file to configure HTTPS
Configure an HTTPS port for the Administration Console
Or use the defineDomain, defineGatewayNode or
defineWorkerNode command line programs.
Metadata Manager
Specify the HTTPS ports for Metadata Manager and Reporting
Service when you create the services in the Administration Console.
Data Analyzer.
Create or specify a keystore file to configure HTTPS.
When you create a Reporting Service in the PowerCenter
Administration Console, you specify the HTTPS port for Data
Analyzer.
11 of 29
3.12

Pre-Installation Summary
12 of 29
3.13
Installation Progress Screen

Creation of License object, installation directory, shared
host directory, HTTPS configuration, etc
13 of 29
3.14
Create or Join Domain
Choose to join
a domain if you
have created a
PowerCenter
domain on
another
machine and
you want to
add the current
machine as a
node in the
domain.
Choose to
create a
domain if
you are
installing
PowerCenter
for the first
time or you
are installing
PowerCenter
on a single
machine.
14 of 29
3.15
Domain Database Creation

Configure domain database type, URL, UserID/Password,
etc
15 of 29
3.16
Domain Configuration
Name the domain, provide host name, port no, etc
16 of 29
3.17
Node Configuration
Progress Screen
17 of 29
3.18
Configure Informatica Services

Indicates whether the

current Windows user
account that installs
Informatica Services
also runs Informatica
Services.
If selected, enter the
user name and
password of the user
account to run
Informatica Services.
18 of 29
3.19
Post Installation Summary

Installation Status
19 of 29
3.20
Client Installation Wizard
20 of 29
3.21
Welcome Screen
Introduction to install
21 of 29
3.22
Installation Prerequisites
Space Requirements, Preinstallation tasks
22 of 29
3.23
Installation Directory
23 of 29
3.24
Pre-Installation Summary
Product Name, Installation Directory, Shortcut folder, Disk
Space Information
24 of 29
3.25
Client Installation Wizard

Progress screen
25 of 29
3.26
PowerCenter 8.5 Installation Summary

Installation Status
26 of 29
3.27
Installation Complete
Select Client Applications to launch
27 of 29
3.28
Module 3 Lab: Install PowerCenter 8.5 Services and

Clients
Use PowerCenters Installation Wizard to install services
and clients for Mersche Motors Company
28 of 29
3.29
Summary
Prepare for and Install PowerCenter 8.5.
29 of 29
3.30
4.1
Configuring PC 8.5 Services
Module 4: Configuring PC 8.5 Services
4.2
Module Objectives
Configure a PowerCenter 8.5 application services using
Best Practice standards
This module will enable the Administrator to properly
create and configure PowerCenter 8.5 Services
2 of 50
4.3
PowerCenter 8.5 Administration Console
3 of 50
4.4
Administration Console Tabs

Domain Tab
Navigator Window
Main Window
Logs Tab
Permissions Tab
Reports Tab
Upgrade Tab
Manage Account Tab
4 of 50
4.5

abs
4
Main Window
Domain Objects Navigator
Legend
5 of 50
4.6
Domain Tab Navigator

Shows Domain Objects
Create and Delete Objects
Move Objects into Folders
6 of 50
4.7
Domain Tab Overview

Legend
7 of 50
4.8
Domain Properties Tab
8 of 50
4.9
Domain Resources Tab
9 of 50
4.10
Domain Permissions Tab
10 of 50
4.11
Domain Log Management Tab
11 of 50
4.12
Nodes
When Powercenter services are installed a machine is
added to the domain as a node
Multiple nodes can be added to a domain
Each node in the domain runs a Service Manager
Service Manager manages domain operations on that node
The operations that the Service Manager performs depend on
the type of node
A node can be a gateway node or a worker node

Subscribe to alerts to receive notification about node
events such as node failure or a master gateway
election.
12 of 50
4.13
Gateway Node
One node acts as the gateway for the domain at any given
time
Can execute application services
Can serve as a master gateway node
The master gateway node is the entry point to the domain.

The Service Manager on the master gateway node:
Performs all domain operations on the master gateway node
More than one node can be configured to serve as a

gateway
If the master gateway node becomes unavailable, the Service
Manager on other gateway nodes elect another master gateway
node. If you configure only one node to serve as the gateway and
the node becomes unavailable, the domain cannot accept service
requests.
13 of 50
4.14
Worker Node
Any node not configured to serve as a gateway
Can run application services, but it cannot serve as a
gateway.
The Service Manager performs limited domain
operations on a worker node.
14 of 50
4.15
Node Properties Tab
Start and Stop

Node
Edit Node
Properties
Node
Properties
15 of 50
4.16
Node Processes Tab
16 of 50
4.17
Node Resources Tab
17 of 50
4.18
Node Permissions Tab
18 of 50
4.19
Application services represent PowerCenter serverbased functionality.
Application services include:
Repository Service
Integration Service
Reporting Service
Metadata Manager Service
Web Services Hub
SAP BW Service.
When you configure an application service, you

designate the node where it runs.
19 of 50
4.20
Repository Service
Manages the repository
Retrieves, inserts, and updates metadata in the
repository database tables
If the service process fails or the node becomes
unavailable, the service fails
The high availability option allows the administrator to
configure the service to run on primary and backup
nodes
By default, the service process runs on the primary
node
If the service process fails, a new process starts on the
same node. If the node becomes unavailable, a service
process starts on one of the backup nodes.
20 of 50
4.21
Repository Service Actions Tab
21 of 50
4.22
Repository Service Properties Tab
22 of 50
4.23
Repository Service Processes Tab
23 of 50
4.24
Repository Service Connections Tab
24 of 50
4.25
Repository Service Locks Tab
25 of 50
4.26
Repository Service Plug-ins Tab
26 of 50
4.27
Repository Service Lineage Tab
27 of 50
4.28
Repository Service Permissions Tab
28 of 50
4.29
Repository Service Logs Tab
29 of 50
4.30

Creating a Repository Service
Create New Repository

Restore Repository
Contents from Backup
30 of 50
4.31
Repository Service and Service Manager

PowerCenter services can reside on multiple nodes in a
domain
The Service Manager directs client requests to the
appropriate Repository Service process
Domain
PowerCenter
Clients
Node A
(Gateway)
Node B
Service
Manager
Service
Manager
App Services
App Services
Repository
Service
4
Repository
31 of 50
4.32
Integration Service
Moves data from sources to targets based on workflow
and mapping metadata stored in a repository
When a workflow starts, the Integration Service
retrieves mapping, workflow, and session metadata
from the repository
It extracts data from the mapping sources and stores
the data in memory while it applies the transformation
rules configured in the mapping
The Integration Service loads the transformed data into
one or more targets.
32 of 50
4.33
Integration Service Properties Tab
33 of 50
4.34
Integration Service Assoc Repository Tab
34 of 50
4.35
Integration Service Processes Tab
35 of 50
4.36
Integration Service Permissions Tab
36 of 50
4.37
Integration Service Logs Tab
37 of 50
4.38

Creating an Integration Service
38 of 50
4.39

Creating an Integration Service
39 of 50
4.40

Configuring an Integration Service
Service Process
Variables
40 of 50
4.41
Reporting Service
Executes the Data Analyzer application in a PC domain.
The Data Analyzer can be used to create and execute
reports on data in a relational database or to run the
following PowerCenter reports:
PowerCenter Repository Reports

Data Profiling Reports
Metadata Manager Reports
Organizational reports can also be executed
Not a highly available service

However, multiple Reporting Services can be executed on the
same node.
Configure a service for each data source

Create the data sources in Data Analyzer for a single reporting
service
41 of 50
4.42
Metadata Manager Service

Executes the Metadata Manager application
Manages connections between the Metadata Manager
components
Used to browse and analyze metadata from disparate
source repositories
Can load, browse, and analyze metadata from application,
business intelligence, data integration, data modeling, and
relational metadata sources
Can be configured to run on only one node

However, multiple Metadata Manager Services can be
executed on the same node.
42 of 50
4.43
Web Services Service

Receives requests from web service clients
Exposes PowerCenter workflows as services
Does not run an associated service process
It executes within the Service Manager.
43 of 50
4.44
SAP BW Service
Listens for RFC requests from SAP BW
Initiates workflows to extract from or load to SAP BW
However can configured it to run on one node.
44 of 50
4.45
License Properties Tab
Add Incremental
Key
Edit License
Properties
45 of 50
4.46
License Assigned Services Tab
46 of 50
4.47
License Permissions Tab
47 of 50
4.48
License Objects Properties

Main Window
Add Incremental Key

Edit License Properties
48 of 50
4.49
Module 4 Lab: Create and Configure PowerCenter 8.5

Services
Use PowerCenters Administration Console to create and
configure repository and integration services
49 of 50
4.50
Summary
Configure a PowerCenter 8.5 application services using
Best Practice standards
50 of 50
5.1
Unified Security
Module 5: PowerCenter 8.5 Unified Security
5.2
Unified Security
Module Objectives
Differentiate between the following PowerCenter Security
Elements of Users, Groups, Roles, Privileges and OS
Profiles

Benefits to the student include improving compliance with
internal security by using PowerCenter 8.5 Security Model
Module 5: Unified Security
2 of 71
5.3
Unified Security
PowerCenter 8.5 Security Model

Users entity that logs in to Informatica applications
Groups combinations of users and/or other groups
Privileges allowable actions over object types such as
Repository Service
Roles collection of privileges
Users, groups, privileges, roles centrally managed in the
Administration Console
Permissions access control over object instances such
as the development instance of the Repository Service
Currently managed in each application
Privileges are activated on an object instance by setting

the permissions in each client application
5
3 of 71
5.4
Unified Security
Security Administration
Users and groups
Can be created in PowerCenter Administration Console and
use PowerCenter authentication
Can be imported/synchronized from external Enterprise
Directory System and use LDAP authentication
Privileges
Defined in the Security Domain Page of the Administration
Console
Defined for each service type (such as Repository Service,
Reporting Service, Metadata Manager Service etc..)
Can be assigned to a custom role or directly to users/groups
4 of 71
5.5
Unified Security
Unified User, Group and Privilege Administration
Users and Groups

Can access multiple
Informatica Tools
Roles System
Defined and Custom
Users and Privileges

Assign privileges to
perform specific
activities at service level
5
5 of 71
5.6
Unified Security
Encryption
When you log into a PowerCenter Application,
PowerCenter encrypts the password
Authentication
When you log in to a PowerCenter application, the
Service Manager authenticates your user account
based on your user name and password or on your
user authentication token
Authorization
When you request an object in a PowerCenter
application, the Service Manager and application
services authorizes the request based on your
privileges, roles and permissions
6 of 71
5.7
Unified Security
5
7 of 71
5.8
Unified Security
Users
5.9
Unified Security
Users
A PowerCenter domain can have the following types of
user accounts:
Default administrator
Domain administrator
Application administrator
User
Need user account to:

Access the services and objects in the PowerCenter domain
Use the PowerCenter applications
Users can perform tasks based on the role, privileges

and permissions granted the them
5
9 of 71
5.10
Unified Security
Create User
10 of 71
5.11
Unified Security
Create User (contd)
Edit User
Properties
5
11 of 71
5.12
Unified Security
Verify Privileges
12 of 71
5.13
Unified Security
LDAP Integration
Users can also be created using LDAP
Requires a registered plug-in
Enterprise Directory integration
Import both users and groups for LDAP authentication
Secure option to connect (through SSL)
Can specify multiple search bases and filters to use when
importing
Configure frequency of synchronization
5
13 of 71
5.14
Unified Security
Configure LDAP Connectivity
LDAP
Connectivity
Properties
14 of 71
5.15
Unified Security
Configure LDAP Import

Specify searches and filters to import users/groups from LDAP
Security
Domain
Properties
5
15 of 71
5.16
Unified Security
Configure Frequency of Synchronization

Configure synchronize for group and users to imports from
LDAP
LDAP
Synchronization
Times
16 of 71
5.17
Unified Security
Supported Enterprise Directory Systems
Microsoft Active Directory (2000, 2003)

Sun Java System Directory Server (5.2, 6)
Novell e-Directory Server (8.7, 8.8)
IBM Tivoli Directory Server (5.2, 6.0, 6.1)
OpenLDAP (2.3)
5
17 of 71
5.18
Unified Security
Groups
5.19
Unified Security
Create Group
5
19 of 71
5.20
Unified Security
Assign Users to Groups
20 of 71
5.21
Unified Security
Assign Users to Groups (contd)
5
21 of 71
5.22
Unified Security
A Completed Group Overview Tab
Group
Properties
and Users
22 of 71
5.23
Unified Security
A Completed Group Privileges Tab
Group
Privileges
5
23 of 71
5.24
Unified Security
Lab A: Explore PC8.5 Unified Security

Create Users and Groups for the Mersche Motors
Domain based on requirements that have been
previously gathered
24 of 71
5.25
Unified Security
Privileges
5.26
Unified Security
Privileges
Privileges determine the actions a user can perform on
Domain objects
The Domain and Application Service Privileges are
grouped into Privilege Groups
A Privilege Group is an organization of Privileges that
define common user actions.
The Privilege Groups are as follows:
Domain
Repository
Metadata Manager
Reporting Service
26 of 71
5.27
Unified Security
Domain Privileges
Domain Privileges determine the actions that users
can perform using the
infacmd and pmrep command line programs
Domain Privileges include:

Domain Administration (Nodes, Grids, Services)
Execute, Manage
Manage Execution
Manage Users & Groups
Grant Privileges & Permissions
Tools Access
5
27 of 71
5.28
Unified Security
Domain Privileges for a User
Users
Domain
Privileges
Selected
User
28 of 71
5.29
Unified Security
Edit Domain Privileges
5
29 of 71
5.30
Unified Security
Repository Service Privileges

Determine actions that users can perform using
Designer & Repository Manager
Workflow Manager & Monitor
pmrep & pmcmd command line programs
Repository Service Privileges include:

Folder Create, Copy & Manage Versions
Runtime Objects Create, Edit, Delete, Manage
Versions, Monitor, Execute, Manage Execution
Global Objects Create Connections, Manage
Deployment Groups, Create Labels, Create Queries
Tools Access all Client Tools
Design Objects Module 5: Unified Security
30 of 71
5.31
Unified Security
Repository Service Privileges for a User
Users
Repository
Service
Privileges
Selected
User
5
31 of 71
5.32
Unified Security
Edit Repository Service Privileges
32 of 71
5.33
Unified Security
Reporting Service Privileges for a User
Users
Reporting
Service
Privileges
Selected
User
5
33 of 71
5.34
Unified Security
Reporting Service Privileges
34 of 71
5.35
Unified Security
Roles
5.36
Unified Security
Roles
A Role is a collection of Privileges.
Two types of roles can be assigned
System Defined
Created by PowerCenter
Cannot be deleted or edited (e.g. - Service Administrator;
Domain Administrator)
Custom
Canned Custom Roles created by PowerCenter
Can be edited or deleted
Can create additional custom roles (e.g. - PowerCenter
Developer; PowerCenter Operator)
Roles can be assigned to either a group or a user on a taskspecific basis to one or more services
36 of 71
5.37
Unified Security
Roles (contd)
System roles cant be deleted
Administrator role is a super-user for a service
Domain Administrator role is a super-user of all
application services, nodes, grids in domain
5
37 of 71
5.38
Unified Security
Domain Administrator Role

Super-user for all application services, nodes and grids in
domain
Has permissions to all objects in the domain, including the
domain object itself
Has all privileges in the domain
Other implicit privileges
Configure a node as a gateway node

Create, edit and delete the domain
Configure SMTP
Configure service levels in the domain
Shut down domain
Receive domain alerts
Export and truncate domain logs
Configure restart of service processes
38 of 71
5.39
Unified Security
Service Administrator Role

Has all privileges for any service instance
Has all permissions to all objects in that Repository and
Application Service
Has implicit owner permissions
Can delete any object in the Repository and Application
Service
Can grant permissions to any user on any object in the
Repository and Application Service
5
39 of 71
5.40
Unified Security
Create Role
Create Role
Custom Roles
40 of 71
5.41
Unified Security
Role Properties
5
41 of 71
5.42
Unified Security
Privilege Groups
42 of 71
5.43
Unified Security
Role Privileges - Domain
5
43 of 71
5.44
Unified Security
Role Privileges Metadata Manager Service
44 of 71
5.45
Unified Security
Role Privileges Repository Service
5
45 of 71
5.46
Unified Security
Role Privileges Reporting Service
46 of 71
5.47
Unified Security
Custom Roles
Custom
Role
Properties
5
47 of 71
5.48
Unified Security
Assigning Role to Group
Edit
Group
48 of 71
5.49
Unified Security
Assign Role to Group (contd)
5
49 of 71
5.50
Unified Security
Assign Additional Privileges to Group
50 of 71
5.51
Unified Security
Role Assigned to Group
5
51 of 71
5.52
Unified Security
Lab B: Explore PC8.5 Unified Security

Create Roles and Privileges and assign them to Users or
Groups based on requirements that have been
previously gathered
52 of 71
5.53
Unified Security
5.54
Unified Security
Domain Object Permissions

Permissions by User
Permissions by
Object
54 of 71
5.55
Unified Security
Domain Permissions - By User
5
55 of 71
5.56
Unified Security
Domain Permissions By Object
56 of 71
5.57
Unified Security
Granting Object Permissions
5
57 of 71
5.58
Unified Security
Inherited Permissions
58 of 71
5.59
Unified Security
Repository Folder Permissions

Edit Folder
Add User
or Group
5
59 of 71
5.60
Unified Security
Add Additional User / Group to Folder
Select additional
User to grant Folder
Permissions
60 of 71
5.61
Unified Security
Assign User / Group Folder Permissions
Select newly
assigned
User or
Group
Assign Folder
Permissions
to selected
User or
Group
5
61 of 71
5.62
Unified Security
Operating System Profile

Operating System profile
Defined in Administration Console
Definition includes the OS user id, Integration Service
parameters (directories), environment variables
Supported on UNIX and Linux, not Windows
Switching users in Windows doesnt switch entire
security context of user
For an Integration Service on a Grid, the OS user id has
to be defined on all nodes
Previously workflows used the access permissions of

the user who started the Informatica Service
62 of 71
5.63
Unified Security
Create / Modify the OSProfile

Create an OSProfile
User must have Domain Administrator Privileges:
Define an Operating System Profile
Grant permission to other users for that OSProfile
Modify an OSProfile
User must have the Domain Privilege of Manage Users
and Groups with Permissions on the OSprofile
Attributes that can be modified are:
Integration service parameters
Environment variables
5
63 of 71
5.64
Unified Security
Operating System Profiles

Repository Folders
The Folder Owner can now associate a default OS profile to run
workflows inside the folder
Default OS user profile can be overridden at runtime when jobs are
started
Only users w/permission on the OS profile can use it to run jobs
To use OS profile
Configure pmimpprocess on every node configured to run the
Integration Service
Enable OS profile attribute for the Integration Service
Change Mechanism for the Workflow Process User Id

Pmimpprocess switches to the OS user id all arguments are
encrypted
External 3rd party mechanism (i.e., sudo)
64 of 71
5.65
Unified Security
Spawning Processes with OS User ID

Session Logs
(OS User ID2)
DI Service
Workflow Logs
(INFA Service
User ID)
Workflow I/O
(OS User ID2)
(INFA Service
User ID)
Workflow
(OS User ID2)
DTM / Sessions
(OS User ID2)
Workflow Tasks
(OS User ID2)
5
65 of 71
5.66
Unified Security
Creating an Operating System Profile

Define profile and operating system user id and password
66 of 71
5.67
Unified Security
OS Profile Integration Service Attributes

Configure Integration Service parameters for the profile
5
67 of 71
5.68
Unified Security
OS Profile Permissions
Configure permissions (who can use the profile)
68 of 71
5.69
Unified Security
Lab C: Explore PC8.5 Unified Security

Grant Permissions to Users and Groups within the
Administration Console for the Mersche Motors Domain
based on requirements that have been previously
gathered
5
69 of 71
5.70
Unified Security
Summary
Differentiate between the following PowerCenter Security
Elements of Users, Groups, Roles, Privileges and OS
Profiles

Benefits to the student include improving compliance with
internal security by using PowerCenter 8.5 Security Model
70 of 71
Unified Security
5.71
Unified Security
5.72
6.1
Repository Management
Module 6: Repository Management
PowerCenter 8.5 Level I Administrator
6.2
Module Objectives
Describe the architecture of the PowerCenter
repository
Administer the PowerCenter repository
Enable the student to understand and execute the
tasks required to properly administer a PowerCenter
repository
2 of 22
6.3
The Repository
The PowerCenter repository is a specialized schema
residing in a relational database
Its tables contain metadata, instructions for extracting,
transforming, and loading data
Clients access the database tables through the

Repository Service
TCP/IP
PowerCenter
Clients
Repository
Service
Repository
Service Process
Repository
3 of 22
6.4
The Repository Contents

Metadata
Describes different kinds of repository objects
PowerCenter Client tools are used to develop each kind of
object.
Workflow Manager Objects
Repository Manager Objects
Folders
Sessions
Workflows
Designer Objects
Workflow Tasks
Repository
Source Definitions
Worklets
Target Definitions
Transformations
Global Objects
Mappings
Labels
Mapplets
Deployment Groups
User-defined Functions
Object Queries
Multi-dimensional Metadata
Connection Objects
4 of 22
6.5
Repository Domains
Local
Global
cut
ort
h
ls
ba
o
l
G
Local
Shared metadata
Local repo
connection info
Local
Local
5 of 22
6.6
Repository Domains
Allows sharing of metadata between repositories using
shortcuts
Saves time and work by reusing metadata
Enforces standards among departments
Must contain one global repository

Can contain multiple local repositories
Example:
A complex calculation for the profitability of products can be
standardized for use across all products
One developer builds a set of transformations that implement
this calculation
Share the transformations across the repository domain
Note: Each repository in a domain is still managed by its own Repository
Service
6 of 22
6.7
Creating a Repository Domain

1. Create a global repository.
Create new or promote a local repository.
2. Register local repositories with the global repository.

3. Create user profiles for users performing cross-repository
work.
Need identical repository user names and password in each
repository.
7 of 22
6.8
Folders
Help organize objects
repository objects.
Are created via the
Repository Manager
Can be used to group
objects (sources, targets,
mappings, workflows, etc.)
by project or user
You can copy objects from
folder to folder
Permissions can be set to

provide security
8 of 22
6.9
Folder Properties
When you create a folder,
you set its properties
You can configure folders
to be shared
Enables users to create
shortcuts to objects in the
folder
On Properties tab, set
Allow Shortcut
9 of 22
Folder Property
Description
Name
Name of folder (required)
Description
Text describing the folders purpose
Owner
Defaults to creator
OS Profile
Operating System profile name
Allow shortcut
Makes the folder shared (see next slide)
Status
Applies to objects in the folder. Required for versioned repositories.
6.10
Permissions
Permissions control the level of access a user (or group)
has to the objects in a folder
Access is divided into three kinds of permission:
Read user can view the folder and objects in it
Write user can create or edit objects in a folder
Execute user can run or schedule workflows
Permissions are set on the permissions tab of the folder

properties
10 of 22
6.11
Setting Permissions
Select the Permissions
tab
Click Add to add users
or groups
With a user highlighted,
select the checkboxes for
the appropriate
permissions
On the Permissions tab,
you can also change the
folders owner
Defaults to folders creator
11 of 22
6.12
Permissions for Global Objects

Permissions also apply to global objects such as object
queries, deployment groups, labels, and connection
objects
Read user can view the objects
Write user can maintain object queries and labels and add or
delete objects from deployment groups
Execute user can run object queries, apply labels, and copy
deployment groups
12 of 22
6.13
Best Practices for Using Folders

Implement naming standards before creating
Choose an organizational strategy:
Organize by subject (target) area
Organize work by key business area
Organize by environment
Suitable for small development teams working with a minimal number of
mappings
Organize by source area

Use this option if development is centralized around source systems
13 of 22
6.14
Connection Objects
Connection objects enable workflow sessions to
communicate with data sources and targets
A connection object exists as a global object defining a
single connection in the repository
Connection objects can establish connections to
Relational databases
Queues
FTP servers
Applications
External loaders
Connection object properties vary depending on the

connection type
14 of 22
6.15
FTP Connection
Create FTP connection
Enable SFTP attribute in
connection properties to
enable secure FTP
Provide public and private
key files
Public and private key files
must be accessible on nodes
where session runs
15 of 22
6.16
Creating Relational Connections

Create connections in Workflow Manage using the
Connection Browser for the connection type
To create a relational database connection, select

Connections Relational
16 of 22
6.17
Creating Relational Connections

Select the database type and click New
17 of 22
6.18
Creating Relational Connections (Continued)

In the Connection Object
Definition dialogue, enter
A name for the connection
object
Database username and
password
ODBC connect string
18 of 22
6.19
Connection Owner and Permissions

The owner of a connection
defaults to the user who
creates it
The owner can grant read,
write, and execute
permissions for users and
groups
The owner can also
change the owner of the
connection object
19 of 22
6.20
Adding Users and Groups

To grant permissions, the
owner of the connection
selects users and groups
and clicks Add
20 of 22
6.21
Module 6 Lab: Administering Repositories

Create a repository folder
Assign folder permissions
Create repository connections
21 of 22
6.22
Summary
Describe the architecture of the PowerCenter
repository
Administer the PowerCenter repository
Enable the student to understand and execute the
tasks required to properly administer a PowerCenter
repository
22 of 22
7.1
Deployments
Module 7: Deployments
PC 8.5 Level 1 Administrator
Copyright YYYY Informatica Corp
7.2
Deployments
Module Objectives
Deploy Powercenter metadata from development to test and
then production environments
Smoothly migrate Powercenter metadata between phases
of a project
2 of 31
7.3
Deployments
Deployments
Migration of PowerCenter metadata
repositories from Development to Test, and
Production Environments
Protect the integrity of the metadata for
each project phase as the system evolves
3 of 31
7.4
Deployments
Deployment Strategy
A process that ensures the smooth and precise
deployment of repository metadata.
To define a strategy you must analyze the
following factors:
How is the PowerCenter environment architected?
How are the repository folders defined?
4 of 31
7.5
Deployments
Standalone Repositories
All work is performed in a single
PowerCenter repository that serves
as the metadata store
Separate folders are used to
represent the development, test,
and production workspaces
Folders are used to segregate work
This type of architecture within a
single repository ensures seamless
migration from development to QA,
and from QA to production
5 of 31
7.6
Deployments
Standalone Repositories - Disadvantages

Performance:
Containing a development, test, and production environment
within a single repository can cause degradation in production
performance
The production environment shares CPU and memory resources
with the development and test environments.
Although these environments are stored in separate folders,
they all reside within the same database table space and on the
same server.
Confusion:
A single repository structure can create uncertainty as the same
users and groups exist in all environments and the number of
project folders can increase exponentially.
6 of 31
7.7
Deployments
Distributed Repositories
Maintains separate, independent
repositories, hardware, and software for
development, test, and production
environments.
Segregated environments permit work
in development without impacting test
or production.
Each repository has a similar name, like
the folders in the standalone
environment.
7 of 31
7.8
Deployments
Deployment Options
Folder Copy
Object Copy
XML Export/Import
Repository Copy
PMREP
8 of 31
7.9
Deployments
Folder Copy
Copying an entire folder allows you to quickly promote
all of the objects located within that folder
Including sources, targets, mappings, workflows, etc.
From the Repository Manager, folders can be copied:

Within the same repository
From one repository to another (e.g. From the development
Repository to the test Repository)
You can copy a folder from a versioned to a non-versioned
repository.
9 of 31
7.10
Deployments
Folder Copy (contd)

Folder copy is the appropriate method of deployment for:
Standalone repositories
Between multiple repositories on the same node
Between multiple repositories on separate node within the same
domain.
10 of 31
7.11
Deployments
Folder Copy (contd)

Drag and drop of a project folder will
invoke the Copy Wizard
A series of windows will guide the
user through the copy process.
11 of 31
7.12
Deployments
Folder Copy - Advantages

The Repository Managers Folder Copy Wizard
makes it almost seamless to copy an entire
folder and all the objects located within it.
If the project uses a common or shared folder
and this folder is copied first, then all shortcut
relationships are automatically converted to
point to this newly copied common or shared
folder.
All connections, sequences, mapping variables,
and workflow variables are copied automatically.
12 of 31
7.13
Deployments
Folder Copy - Disadvantages

The primary disadvantage of the folder copy method is
that the repository is locked while the folder copy is
being performed.
Therefore, it is necessary to schedule this migration
task during a time when the repository is least utilized
A locked repository means than no jobs can be
launched during this process.
This can be a serious consideration in real-time or
near real-time environments.
If copy is occurring between repositories, user must be
connected to both repositories
13 of 31
7.14
Deployments
Object Copy
The Workflow Manager, Designer, and
Repository Manager provide a Copy Wizard that
you use to copy repository objects
You can copy repository objects such as
workflows, worklets, tasks, sessions,
mappings, mapplets, sources, targets, and
transformations. You can also copy segments
of workflows or mappings
You can copy objects within the same folder, to
a different folder, or to a different repository
Object Copy is typically used for incremental
deployments of a project phase
14 of 31
7.15
Deployments
Object Copy (contd)

Advantage:
In a distributed environment, object copy
provides more granular control over objects.
Disadvantages:
Much more work to deploy an entire group of
objects
Shortcuts must exist prior to importing/copying
mappings
15 of 31
7.16
Deployments
XML Export/Import
Similar to copying an object from one
folder or repository to another
For example, when you copy an object
between folders or export and import that
object, you can resolve object name conflicts
When you export an object from one

repository and import the object into
another repository, you do not need to be
connected to both repositories
16 of 31
7.17
Deployments
XML Export/Import
User can complete the following tasks using
XML Export/Import:
Deploy metadata between project phases (e.g.
development to test, then test to production)
Archive metdata
Share metadata
Search and replace property names in an entire
repository object
Copy metadata between repositories.
Create mappings.
Export and import of relational sources and targets
can be used to share metadata with other business
intelligence and data modeling tools.
17 of 31
7.18
Deployments
XML Export\Import Advantages

Exporting an object from one repository and then
importing the object into another repository, does not
require the administrator to be connected to both
repositories
the XML files can be uploaded to a third-party versioning
tool (such as Source Safe)
Multiple objects can be exported into a single XML file,
and then imported at the same time
The administrator has the opportunity to resolve naming
conflicts
18 of 31
7.19
Deployments
XML Export\Import Disadvantages

XML file is dependent on DTD file
Client install creates the DTD file
PowerCenter Client creates the XML file based on the structure
specified in the DTD
If the DID is not present on the client machine, XML can not be
imported.
Informatica restricts which elements you can modify in

the XML file.
PowerCenter Client might include a Cyclic Redundancy Checking
Value (CRCVALUE) code in one or more elements in the XML file.
The CRCVALUE code is another attribute in an element
If you modify certain attributes in an element that contains a
CRCVALUE code, you cannot import the object
19 of 31
7.20
Deployments
Repository Copy
From one repository into another repository
without contents
Provides a quick way to copy a repository for
use as the basis of a new repository
Can be used as a way of preserving the
original repository before upgrading
Can also utilized when deploying a repository
from development into production.
20 of 31
7.21
Deployments
Repository Copy - Procedure

In the Administration Console:
Use the Actions drop down to;
Backup the test repository
If distributed environment, copy
backup file to common location
that can be seen by both
dev/test and production nodes
Backup production repository
contents for archival
Notify users of deployment
Delete production repository
contents
Restore test backup file as
production repository
21 of 31
7.22
Deployments
Repository Copy - Advantages

The ability to copy all objects (i.e., mappings,
workflows, mapplets, reusable transformation,
etc.) at once from one environment to
another.
The ability to automate this process using
pmrep commands, thereby eliminating many
of the manual processes that users typically
perform.
The ability to move everything without
breaking or corrupting any of the objects.
22 of 31
7.23
Deployments
Repository Copy - Disadvantages

Entire repository is moved at once
therefore manual intervention may be necessary before the actual
production executions can take place
Significant maintenance is required to remove any unwanted or excess
objects.
There may also be a need to adjust server variables, sequences,
parameters/variables, database connections, etc.
This process requires that the existing production rep be

deleted, and then the test rep can be copied.
This results in a loss of production environment operational metadata
such as load statuses, session run times, etc
This metadata can be a competitive advantage for organizations that
use this information to plan for future growth.
23 of 31
7.24
Deployments
Repository Copy Disadvantages (contd)

At this time, repository copy can only be done within a single
domain
Copy Contents from option on the Actions drop down within
Administration Console can only see one domain with multiple
repositories
Repository copy can be supported by backing up the test repository

then restoring it as prod on separate domain
24 of 31
7.25
Deployments
PMREP
A command line program that you use to update repository
information and perform repository functions
Installed in the PowerCenter Client and Services bin
directories.
Perform repository administration tasks such as:
Exporting/importing XML
Deploy/Rollback a deployment group
Backing up and restoring repositories
Copy folders
updating session-related parameters
Updating security information in the PowerCenter repository.
Can be used from the Informatica Server or any client

machine connected to the server.
25 of 31
7.26
Deployments
Versioned Repositories
Powercenter team-based development
(licensed) option that allow the repository to
store multiple versions of objects
Store copies of previous versions of objects in
development, track changes to those objects,
and prepare them for deployment to a
production environment.
Each time an object is checked in, the
repository increments the version number by
one and stores a new version of the object in
the repository database
Allows for the use of Deployment Groups for
migrating metadata between repositories
26 of 31
7.27
Deployments
Deployment Groups
Deployment Groups are containers that hold
references to objects that need to be migrated.
Static
A deployment group populated by manually selecting the
objects
Create a static deployment group when the set of
deployment objects is not expected to change.
Dynamic
The result set from an object query is used to populate this
type deployment group. Create a dynamic deployment
group when the set of deployment objects is expected to
change frequently
The dynamic deployment group query multiple times and
add new objects to the group each time the query is
executed
27 of 31
7.28
Deployments
Deployment Groups - Advantages

Backup and restore of the Repository needs to be
performed only once.
Copying a Folder replaces the previous copy.
Copying a Mapping allows for different names to be
used for the same object.
Allows for version-based object migration.
Faster and more flexible than folder moves for
incremental changes.
Allows for migration rollbacks
Allows specifying individual objects to copy, rather
than the entire contents of a folder or repository.
28 of 31
7.29
Deployments
Post Deployment Tasks

Implement the appropriate security.
In Development, the owner of the folders should be a user(s) in
the development group.
In Test, change the owner of the test folder to a user(s) in the
test group.
In Production, change the owner of the folders to a user in the
production group.
Revoke all rights to Public other than Read for the production
folders.
29 of 31
7.30
Deployments
Module 7 Lab: Deployments

Backup the test repository

Place the backup file on a common location
Backup the production repository
Delete the contents of the production repository
Restore the contents of the test repository to production
Attempt to run a workflow
30 of 31
7.31
Deployments
Summary
Deploy Powercenter metadata from development to test and
then production environments
Smoothly migrate Powercenter metadata between phases
of a project
31 of 31
Deployments
7.32
8.1
Command Line Programs
Module 8: Command Line Programs
8.2
Module Objectives
Use PowerCenter command line programs to administer
the domain

Many administrator tasks can be automated through the
use of PowerCenters command-line programs.
2 of 16
8.3

Allow you to perform a subset of tasks in PowerCenter
Client
Can combine multiple commands into a script
See Command Line Reference in online help
Program
Description
infacmd
Access PowerCenter application services.
infasetup
Administer PowerCenter domain and node properties.
pmcmd
Manage workflows. E.g. start, stop, & schedule.
pmrep
Perform repository administration tasks.
3 of 16
8.4
Modes
Command Line Mode
Can issue commands directly from the operating system
command line.
Use to script commands.
Interactive Mode
Can issue commands from an interactive prompt. The program
does not exit after it completes a command.
Command Line
Interactive
infacmd
infasetup
pmcmd
pmrep
4 of 16
8.5
Command Line Mode Return Codes

Commands return success or failure
Zero (0) = success
Non-zero number = failure
Enter an echo command immediately after command:

DOS shell: echo %ERRORLEVEL%
UNIX Bourne or Korn shell: echo $?
UNIX C shell: echo $status
pmcmd return code values explain cause of failure (1-25)
5 of 16
8.6
Scripting Commands
Use scripts for tasks you perform often
E.g. daily backup for a repository
Command line mode only

Issue commands from a script, batch file, or other
program
Windows: batch files with a .bat extension
UNIX: script files with a .sh extension
6 of 16
8.7
infacmd
Use to administer PowerCenter domains and services
Run from <install_dir>\server\bin directory
Administer:
Application services and processes

Domain gateway
Licenses
Log events
Nodes
Grids
Domains
7 of 16
8.8
infacmd Example
Windows:
infacmd AddNodeResource -dn MyDomain
-un AdminUser -pd password -nn Node1
-rt "File Directory" -rn BkupDir
UNIX:
infacmd.sh AddNodeResource -dn MyDomain -un
AdminUser -pd password -nn Node1
-rt "File Directory" -rn BkupDir
8 of 16
8.9
infacmd for Security

Use to create and modify users, roles, and groups
Example:
infacmd createUser -dn MyDomain
-un UserName -pd password
-nu new_user_name -np new_user_password
Related security commands include

EditUser
DisableUser
CreateGroup
CreateRole
AddUserToGroup
AssignRoleToUser
AssignRoleToGroup
RemoveUser
RemoveUserFromGroup
RemoveGroup
RemoveRole
ResetPassword
9 of 16
8.10
infacmd for Security (Continued)

Use to change permissions and privileges for users, roles,
and groups
Example:
infacmd AddUserPermission -dn MyDomain
-un UserName pd password
-eu existing_user_name
on object_full_path_name
-esd existing_user_security_domain
Related security commands include

AddGroupPermission
AddGroupPrivilege
AddUserPrivilege
AddRolePrivilege
RemoveRolePrivilege
RemoveGroupPrivilege
RemoveUserPrivilege
10 of 16
8.11
infasetup
Use to modify domain and node properties after you
install PowerCenter Services
E.g. change port number for a node
BackupDomain, RestoreDomain, DefineWorkerNode,
DefineGatewayNode, and more
<install_dir>\server directory
Windows example:
infasetup UpdateWorkerNode -nn Node1 -na
Host1:9090
Use infasetup.sh on UNIX
11 of 16
8.12
pmcmd
Communicates with Integration Service
Use to perform some Workflow Manager tasks
E.g. start, stop, and abort workflows, get session statistics, get
service properties, and more
<install_dir>\server\bin directory
Example:
pmcmd startworkflow -sv MyIntService
-d MyDomain -u seller3 -p jackson
-f SalesEast wf_SalesAvg
12 of 16
8.13
pmrep
Use to update repository information and perform
repository functions
E.g. list objects, users, and groups; export and import objects;
create folders, users, and group; and more
<install_dir>\server\bin or <install_dir>\client\bin
directory
Example:
pmrep ObjectImport -i newworkflows.xml -c
mycontrolfile -l importlog.txt
13 of 16
8.14
pmrep to Back Up and Restore a Repository

Use to back up repositories for security or migration
Example of backing up:
pmrep backup -o repo_backup.rep
Example of restoring:
pmrep restore -u AdminUser
-p AdminPassword i repo_backup.rep
-y -v repo_user -x repo_password
14 of 16
8.15
Module 8 Lab: Command-Line Programs

Set permissions for REPEDW_Admin_01 user for the repository
folders and connection objects
Assign workflows to prod Integration Service
Test run the deployed workflows
15 of 16
8.16
Summary
Use PowerCenter command line programs to administer
the domain

Many administrator tasks can be automated through the
use of PowerCenters command-line programs.
16 of 16
9.1
Subject Area Implementation
Module 9: Subject Area Implementation
9.2
Module Objectives
Define a Subject Area
Implement a Subject Area into the PowerCenter
architecture.
Quickly and efficiently create a subject area for a new
project within Powercenter that is totally encapsulated by
security.
2 of 22
9.3
Subject Area
A Subject Area is:
A distinct project or logical grouping of work inside the
PowerCenter Domain
Organized within Domain folders
Protected by Domain & Host Security
Extends to include Repository Folders and input/output files
generated by PowerCenter & stored on host machine
Includes the source and target connections used to access
project data
3 of 22
9.4
Subject Area Domain Objects

Certain Domain objects should be created to support a
Subject Area
Domain Folders
Created to house domain objects for each subject area.
Repository Service
Separately store metadata pertaining to each subject area for better
security
Integration Service
Execution statics can be used for departmental chargeback
Process variables can be better configured to secure sensitive output/input
files
Nodes
Separate nodes can be installed for each subject area.
4 of 22
9.5
Domain Folders
Created for each Subject Area to organize and secure
services and other project objects
The owner of the Subject Area should be an
administrative user defined in the Security Domain
The owner should belong to a distinct PowerCenter
domain security group
The owner should be granted full privileges and
permissions on the Subject Area Domain folders
5 of 22
9.6
Integration Service
Each Integration Service process uses run-time files to
process workflows and sessions
If you configure an Integration Service to run on a grid or
to run on backup nodes, the run-time files must be stored
in a shared location.
By default, the installation program creates a set of
Integration Service directories in the server\infa_shared
directory on the host machine.
PowerCenter uses process variables to point to the
common directory structure on the host machine.
An integration Service should be created for each Subject Area.
6 of 22
9.7
Integration Service (contd)

The process variables are configured on the processes
tab of the Integration Service in the Administration
Console
7 of 22
9.8
Integration Service
Process Variables - Definitions
Directory
Service Process
Variable
Description
Root directory
$PMRootDir
Root directory for all subdirectories.
Session log subdirectory
$PMSessionLogDir
Stores session logs.
Bad file subdirectory
$PMBadFileDir
Stores reject files.
Cache file subdirectory
$PMCacheDir
Stores index and data cache files.
Target file subdirectory
$PMTargetFileDir
Stores target files.
Source file subdirectory
$PMSourceFileDir
Stores source files.
External procedure file subdirectory
$PMExtProcDir
Stores external procedure files.
Temporary subdirectory
$PMTempDir
Stores temporary files.
Workflow log subdirectory
$PMWorkflowLog
Dir
Stores workflow logs.
Lookup file subdirectory
$PMLookupFileDir
Stores lookup files.
Storage subdirectory
$PMStorageDir
Stores run time files that are used to recover a

workflow or session. These files store the state of
each workflow and session operation.
8 of 22
9.9
Host Directories
infa_shared
Example of host directories created by
PowerCenter Installation
Developers & Administrators from all
projects need access to these folders
to view log results, review cache files
for accuracy, deliver target files,
receive source files etc
This represents a fundamental security problem
9 of 22
9.10
Integration Service
Process Variables The Problem
By default, all users are sharing and have access to the common
directory structure
Data contained within these directories may be sensitive and
should not be accessed by all users
Inadvertent deletion/overwrite of important files may occur
This arrangement is not conducive to accurate departmental
chargeback
This arrangement may not comply with the organizations
Sarbanes-Oxley procedures
10 of 22
9.11
Integration Service
Process Variables The Solution
Each Subject Area should have its own distinct directory
structure on the host machine to store files and data related to
the Subject Area
These structures should be secured and access should be
limited using host-based security groups
Individual network IDs should be granted access through named
shares by local host groups
The process variables of the Integration Service should then be
pointed to the secured host share.
11 of 22
9.12
Subject Area
Integration Service - Example
Process variables should be set to Host directory structure
shared by those in the Domain and Host security group.
12 of 22
9.13
Subject Area Repository Objects

Certain Repository objects should be created to support
the Subject Area
Repository Folders
Repository Connections
13 of 22
9.14
Repository Folders
Created for each Subject Area to ease management of
project content
The Administrator and project group should be given
permissions and privileges on the Subject Area repository
folder
The level of permissions that the project group has on the
project folder is determined by the security requirements
of the organization
14 of 22
9.15
PowerCenter stores the information necessary to connect
to the source/target within the repository in the form of a
connection definition
Assigning a specific owner to the connection definition
prevents others from modifying the connection properties
Subject Area security can be applied to the connection by
assigning permissions to the Subject Area Domain
Security group.
15 of 22
9.16
Privileges and Permissions
Privileges to create connections are
assigned in the Administrator Console
Permissions to read, write & execute

the connection are granted within the
PowerCenter Workflow Manager Client
16 of 22
9.17
Host Security
Governs access to the host file directories and individual
data files such as those generated for use by
PowerCenter
Access to the file directories can be restricted by creating
local host security groups
Host security groups should have individual network
accounts (corresponding to those in the PowerCenter
Security Domain) assigned to them for each Subject Area
Each host security group will be given access to its
Subject Area share, therefore restricting any other users
on the machine for viewing sensitive files.
Informatica runtime host id should be added to the host
security group
17 of 22
9.18
Host Security
Host Security Group Example
18 of 22
9.19
Subject Area Implementation Steps

Create Domain Objects (Folder, Repository Service and Integration
Service)
Create Domain Security Group for Subject Area
Set Domain object permissions
Create Administrative User for Security Group
Assign existing or create new Domain Security users to Subject Area
security group within PowerCenter
Create Repository Objects (folder & database connections) for
Subject Area
Set Repository Object permissions
Create Subject Area directories on host machine
Create Host Security Group add Informatica runtime id
Create Host share and assign privileges to Host Security Group
Point Integration Service Process Variables to new host directory
structure
19 of 22
9.20
Module 9 Lab: Implement a Subject Area

Implement a Customer Master ETL project Subject Area
20 of 22
9.21
Summary
Define a Subject Area
Implement a Subject Area into the PowerCenter
architecture.
Quickly and efficiently create a subject area for a new
project within Powercenter that is totally encapsulated by
security.
21 of 22
9.22

PC8.5 - Level1 - Administrator - Student Guide PDF

Transféré par

Informations du document

Description originale:

Titre original

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

PC8.5 - Level1 - Administrator - Student Guide PDF

Transféré par

Droits d'auteur :

Formats disponibles

PowerCenter 8.

PowerCenter 8.5 Level I Administrator Lab Guide

Welcome to the PowerCenter 8.5 level One Administrator course.

About This Guide

Describe Informaticas Administrative best practices

Indicates a submenu to navigate to.

Click Repository > Connect.

In this example, you should click the Repository menu or button

Indicates text you need to type or enter.

Click the Rename button and name the new source

Database tables and column names are shown

Indicates a variable you must replace with

Connect to the Repository using the assigned login_id.

The following paragraph provides additional

Note: You can select multiple objects to import by

The following paragraph provides suggested

Tip: The m_ prefix for a mapping name is

Other Informatica Resources

Obtaining Informatica Documentation

Visiting Informatica Customer Portal

Visiting the Informatica Web Site

Visiting the Informatica Developer Network

Visiting the Informatica Knowledge Base

Obtaining Informatica Professional Certification

Obtaining Technical Support

support@informatica.com for technical inquiries

Europe / Middle East / Africa

Informatica Software Ltd.

Informatica Business Solutions

Module 0: Course Introduction

PowerCenter 8.5 Level 1 Administrator

Copyright 2008 Informatica Corp

Additional resources and technical support

PowerCenter 8.5 Level 1 Administrator

Copyright 2008 Informatica Corp

Instructor and Class Participants

> What is your prior experience?

> How do you expect to benefit from this course?

PowerCenter 8.5 Level 1 Administrator

Copyright 2008 Informatica Corp

Training Site Information

> Class duration and breaks

> Meals and refreshments

> Fire Exits

Module 0: Course Introduction

PowerCenter 8.5 Level 1 Administrator

Copyright 2008 Informatica Corp

Module 0: Course Introduction

PowerCenter 8.5 Level 1 Administrator

Copyright 2008 Informatica Corp

Module 0: Course Introduction

PowerCenter 8.5 Level 1 Administrator

Copyright 2008 Informatica Corp

Module 0: Course Introduction

PowerCenter 8.5 Level 1 Administrator

Copyright 2008 Informatica Corp

Module 0: Course Introduction

PowerCenter 8.5 Level 1 Administrator

Copyright 2008 Informatica Corp

Module 0: Course Introduction

PowerCenter 8.5 Level 1 Administrator

Copyright 2008 Informatica Corp