ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzaih_5.4.0.1/rzaihsyncfunc.htm

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
  PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="Synchronize functions" />
<meta name="abstract" content="You can synchronize the configuration of key functions, such as EIM and Kerberos, across a group of endpoint systems." />
<meta name="description" content="You can synchronize the configuration of key functions, such as EIM and Kerberos, across a group of endpoint systems." />
<meta name="DC.Relation" scheme="URI" content="rzaih2.htm" />
<meta name="DC.Relation" scheme="URI" content="rzaihuseradmin.htm" />
<meta name="DC.Relation" scheme="URI" content="../rzamz/rzamzconfigssomgtcentral.htm" />
<meta name="DC.Relation" scheme="URI" content="../rzakh/rzakhpropagatescenario_propagateiserisatobandc.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzaihsyncfunc" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Synchronize functions</title>
</head>
<body id="rzaihsyncfunc"><a name="rzaihsyncfunc"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Synchronize functions</h1>
<div><p>You can synchronize the configuration of key functions, such as
EIM and Kerberos, across a group of endpoint systems.</p>
<p>You select a model endpoint system and a set of target endpoint systems,
and then use the Synchronize Functions wizard to duplicate the model system's
Kerberos or EIM configurations (or both) on the specified target systems.
Synchronizing these functions from the model system saves you time by eliminating
the task of individually configuring each function on each target system.
Synchronizing your EIM configurations allows you to create EIM associations
between user identities within your network. This in turn allows a user who
has different profiles on different systems to work with distributed applications
that use Kerberos authentication without having to sign on to each of these
systems individually.</p>
<p>For example, John Smith may be JSMITH on system CHICAGO1, JOHNSMITH on
system DETROIT1, and JRSMITH on system DENVER. If EIM and Kerberos are configured
on all three systems, and all three profiles are associated with the same
EIM identifier, John Smith can use Management Central to manage these V5R3
systems. For example, he can run commands on these systems, and monitor performance,
jobs, and other resources on these systems. John Smith can also access other
services and applications that use EIM and Kerberos authentication without
the need for multiple passwords to these different systems across the enterprise.</p>
<p>Using Kerberos and EIM together in this way is referred to as <dfn class="term">single
signon</dfn> because it eliminates the need to provide multiple user names
and passwords for distributed applications. Single signon benefits users,
administrators, and application developers by enabling an easier password
management system across multiple platforms without the need to change underlying
security policies. See Single signon for details on how to enable single signon
by using network authentication service and Enterprise Identity Mapping (EIM).</p>
<div class="note"><span class="notetitle">Note:</span> If the SNTP box is checked then a TCP job QTOTNTP should be running
on the endpoint. If it is not running then Management Central will use information
from the model system. If SNTP is checked and the client QTOTNTP job is running
then you should not run multiple Time Synchronization tasks within one polling
interval of the SNTP client. You can view the SNTP polling interval at <span class="menucascade"><span class="uicontrol">My Connections</span> &gt; <span class="uicontrol">server </span> &gt; <span class="uicontrol">TCP/IP</span> &gt; <span class="uicontrol">Right-click SNTP</span> &gt; <span class="uicontrol">Properties</span> &gt; <span class="uicontrol">Client
tab</span></span> .</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzaih2.htm" title="After Management Central has been set up, you can use it to streamline your server administration tasks.">Work with Management Central</a></div>
</div>
<div class="relconcepts"><strong>Related concepts</strong><br />
<div><a href="rzaihuseradmin.htm" title="iSeries Navigator can help you as a system administrator to keep track of the users, groups, and their level of privileges on one or more endpoint systems.">Manage users and groups with Management Central</a></div>
</div>
<div class="relinfo"><strong>Related information</strong><br />
<div><a href="../rzamz/rzamzconfigssomgtcentral.htm">Scenario: Configure the Management Central servers for single signon</a></div>
<div><a href="../rzakh/rzakhpropagatescenario_propagateiserisatobandc.htm">Propagate system settings from the model system (iSeries A) to iSeries B and iSeries C</a></div>
</div>
</div>
</body>
</html>
Add readme and dist folders 2024-04-02 14:02:31 +00:00			`<?xml version="1.0" encoding="UTF-8"?>`
			`<!DOCTYPE html`
			`PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">`
			`<html lang="en-us" xml:lang="en-us">`
			`<head>`
			`<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />`
			`<meta name="security" content="public" />`
			`<meta name="Robots" content="index,follow" />`
			`<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />`
			`<meta name="DC.Type" content="concept" />`
			`<meta name="DC.Title" content="Synchronize functions" />`
			`<meta name="abstract" content="You can synchronize the configuration of key functions, such as EIM and Kerberos, across a group of endpoint systems." />`
			`<meta name="description" content="You can synchronize the configuration of key functions, such as EIM and Kerberos, across a group of endpoint systems." />`
			`<meta name="DC.Relation" scheme="URI" content="rzaih2.htm" />`
			`<meta name="DC.Relation" scheme="URI" content="rzaihuseradmin.htm" />`
			`<meta name="DC.Relation" scheme="URI" content="../rzamz/rzamzconfigssomgtcentral.htm" />`
			`<meta name="DC.Relation" scheme="URI" content="../rzakh/rzakhpropagatescenario_propagateiserisatobandc.htm" />`
			`<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />`
			`<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 1998, 2006" />`
			`<meta name="DC.Format" content="XHTML" />`
			`<meta name="DC.Identifier" content="rzaihsyncfunc" />`
			`<meta name="DC.Language" content="en-us" />`
			`<!-- All rights reserved. Licensed Materials Property of IBM -->`
			`<!-- US Government Users Restricted Rights -->`
			`<!-- Use, duplication or disclosure restricted by -->`
			`<!-- GSA ADP Schedule Contract with IBM Corp. -->`
			`<link rel="stylesheet" type="text/css" href="./ibmdita.css" />`
			`<link rel="stylesheet" type="text/css" href="./ic.css" />`
			`<title>Synchronize functions</title>`
			`</head>`
			`<body id="rzaihsyncfunc"><a name="rzaihsyncfunc"><!-- --></a>`
			`<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>`
			`<h1 class="topictitle1">Synchronize functions</h1>`
			`<div><p>You can synchronize the configuration of key functions, such as`
			`EIM and Kerberos, across a group of endpoint systems.</p>`
			`<p>You select a model endpoint system and a set of target endpoint systems,`
			`and then use the Synchronize Functions wizard to duplicate the model system's`
			`Kerberos or EIM configurations (or both) on the specified target systems.`
			`Synchronizing these functions from the model system saves you time by eliminating`
			`the task of individually configuring each function on each target system.`
			`Synchronizing your EIM configurations allows you to create EIM associations`
			`between user identities within your network. This in turn allows a user who`
			`has different profiles on different systems to work with distributed applications`
			`that use Kerberos authentication without having to sign on to each of these`
			`systems individually.</p>`
			`<p>For example, John Smith may be JSMITH on system CHICAGO1, JOHNSMITH on`
			`system DETROIT1, and JRSMITH on system DENVER. If EIM and Kerberos are configured`
			`on all three systems, and all three profiles are associated with the same`
			`EIM identifier, John Smith can use Management Central to manage these V5R3`
			`systems. For example, he can run commands on these systems, and monitor performance,`
			`jobs, and other resources on these systems. John Smith can also access other`
			`services and applications that use EIM and Kerberos authentication without`
			`the need for multiple passwords to these different systems across the enterprise.</p>`
			`<p>Using Kerberos and EIM together in this way is referred to as <dfn class="term">single`
			`signon</dfn> because it eliminates the need to provide multiple user names`
			`and passwords for distributed applications. Single signon benefits users,`
			`administrators, and application developers by enabling an easier password`
			`management system across multiple platforms without the need to change underlying`
			`security policies. See Single signon for details on how to enable single signon`
			`by using network authentication service and Enterprise Identity Mapping (EIM).</p>`
			`<div class="note"><span class="notetitle">Note:</span> If the SNTP box is checked then a TCP job QTOTNTP should be running`
			`on the endpoint. If it is not running then Management Central will use information`
			`from the model system. If SNTP is checked and the client QTOTNTP job is running`
			`then you should not run multiple Time Synchronization tasks within one polling`
			`interval of the SNTP client. You can view the SNTP polling interval at <span class="menucascade"><span class="uicontrol">My Connections</span> > <span class="uicontrol">server </span> > <span class="uicontrol">TCP/IP</span> > <span class="uicontrol">Right-click SNTP</span> > <span class="uicontrol">Properties</span> > <span class="uicontrol">Client`
			`tab</span></span> .</div>`
			`</div>`
			`<div>`
			`<div class="familylinks">`
			`<div class="parentlink"><strong>Parent topic:</strong> <a href="rzaih2.htm" title="After Management Central has been set up, you can use it to streamline your server administration tasks.">Work with Management Central</a></div>`
			`</div>`
			`<div class="relconcepts"><strong>Related concepts</strong><br />`
			`<div><a href="rzaihuseradmin.htm" title="iSeries Navigator can help you as a system administrator to keep track of the users, groups, and their level of privileges on one or more endpoint systems.">Manage users and groups with Management Central</a></div>`
			`</div>`
			`<div class="relinfo"><strong>Related information</strong><br />`
			`<div><a href="../rzamz/rzamzconfigssomgtcentral.htm">Scenario: Configure the Management Central servers for single signon</a></div>`
			`<div><a href="../rzakh/rzakhpropagatescenario_propagateiserisatobandc.htm">Propagate system settings from the model system (iSeries A) to iSeries B and iSeries C</a></div>`
			`</div>`
			`</div>`
			`</body>`
			`</html>`