ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzalv_5.4.0.1/rzalv_plan_roles.htm

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
  PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="Identify needed skills and roles" />
<meta name="DC.Relation" scheme="URI" content="rzalv_plan_eim_for_eserver.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2002, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2002, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzalv_plan_roles" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Identify needed skills and roles</title>
</head>
<body id="rzalv_plan_roles"><a name="rzalv_plan_roles"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Identify needed skills and roles</h1>
<div><p>Enterprise Identity Mapping (EIM) is designed so that a single person can
easily be responsible for configuration and administration in a small organization.
Or, in a larger organization, you may prefer to have a number of different
individuals handle these responsibilities. The number of people that you need
on your team varies depending on the number of required skills that each team
member possesses, the types of platforms involved in your EIM implementation,
and how your organization prefers to divide its security roles and responsibilities.</p>
<p>A successful EIM implementation requires the configuration and interaction
of several software products. Because each of these products requires specific
skills and roles, you may choose to create an EIM implementation team that
consists of people from several different disciplines, particularly if you
work in a large organization.</p>
<p>The following information describes the skills and <a href="rzalveservereimauths.htm#rzalveservereimauths">EIM access control</a> authority
required to implement EIM successfully. These skills are presented in terms
of job titles for people who specialize in those skills. For example, a task
requiring Lightweight Directory Access Protocol (LDAP) skills is referred
to as a task for a Directory Server administrator.</p>
<div class="section"><h4 class="sectiontitle">Team members and their roles</h4><p>The following information
describes the responsibilities and required authority of the roles that are
needed for managing EIM. You can use this list of roles to determine the team
members that are needed to install and configure prerequisite products and
to configure EIM and one or more EIM domains.</p>
<p>One of the first sets
of roles that you need to define is the number and type of administrators
for your EIM domain. All personnel that are given EIM administrative duties
and authority need to be involved in the EIM planning process as members of
the EIM implementation team.</p>
<div class="note"><span class="notetitle">Note:</span>  EIM administrators play an important
role in your organization and have as much power as individuals that are allowed
to create user identities on your systems. When they create EIM associations
for user identities, they determine who can access your computer systems and
what privileges they have when doing so. IBM<sup>®</sup> recommends that you give this authority
to those individuals in whom you have a high level of trust based on your
company's security policy. </div>
<p>The following table lists potential team
member roles and the tasks and skills needed for configuring and managing
EIM. For more detailed information about the EIM administrative tasks that
each role can perform, see <a href="rzalveservereimauths.htm#rzalveservereimauths">EIM access control</a>.</p>
<div class="note"><span class="notetitle">Note:</span>  If
a single person in your organization will be responsible for all EIM configuration
and administration tasks, that person should be given the role and authority
of EIM administrator. </div>
<div class="p"> 
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" width="100%" frame="border" border="1" rules="all"><caption>Table 1. Roles,
tasks, and skills for configuring EIM</caption><thead align="left"><tr><th align="left" valign="top" width="33.33333333333333%" id="d0e49">Role</th>
<th valign="top" width="33.33333333333333%" id="d0e51">Authorized tasks</th>
<th align="left" valign="top" width="33.33333333333333%" id="d0e53">Required skills</th>
</tr>
</thead>
<tbody><tr><td valign="top" width="33.33333333333333%" headers="d0e49 ">EIM administrator</td>
<td valign="top" width="33.33333333333333%" headers="d0e51 "><ul><li>Coordinating domain operations</li>
<li>Adding, removing, and changing registry definitions, EIM identifiers,
and associations for user identities</li>
<li>Controller authority to the data within an EIM domain</li>
</ul>
</td>
<td valign="top" width="33.33333333333333%" headers="d0e53 ">Knowledge of the EIM administration tools</td>
</tr>
<tr><td valign="top" width="33.33333333333333%" headers="d0e49 ">EIM identifiers administrator</td>
<td valign="top" width="33.33333333333333%" headers="d0e51 "><ul><li>Creating and changing EIM identifiers</li>
<li>Adding and removing administrative and source associations (cannot add
or remove target associations)</li>
</ul>
</td>
<td valign="top" width="33.33333333333333%" headers="d0e53 ">Knowledge of the EIM administration tools</td>
</tr>
<tr><td valign="top" width="33.33333333333333%" headers="d0e49 ">EIM registries administrator</td>
<td valign="top" width="33.33333333333333%" headers="d0e51 ">Managing all EIM registry definitions:   <ul><li>Adding and removing target associations (cannot add or remove source and
administrative associations)</li>
<li>Updating EIM registry definitions</li>
</ul>
</td>
<td valign="top" width="33.33333333333333%" headers="d0e53 ">Knowledge of:   <ul><li>All the user registries defined to the EIM domain (such as information
about user identities)</li>
<li>The EIM administration tools</li>
</ul>
</td>
</tr>
<tr><td valign="top" width="33.33333333333333%" headers="d0e49 ">EIM registry X administrator</td>
<td valign="top" width="33.33333333333333%" headers="d0e51 ">Managing a specific EIM registry definition:   <ul><li>Adding and removing target associations for a specific user registry (for
example, registry X)</li>
<li>Updating a specific EIM registry definition</li>
</ul>
</td>
<td valign="top" width="33.33333333333333%" headers="d0e53 ">Knowledge of:   <ul><li>The particular user registry defined to the EIM domain (such as information
about user identities)</li>
<li>The EIM administration tools</li>
</ul>
</td>
</tr>
<tr><td valign="top" width="33.33333333333333%" headers="d0e49 ">Directory server (LDAP) administrator</td>
<td valign="top" width="33.33333333333333%" headers="d0e51 "><ul><li>Installing and configuring a directory server (if necessary)</li>
<li>Customizing directory server configuration for EIM</li>
<li>Creating an EIM domain (see note)</li>
<li>Defining users that are authorized to access the EIM domain controller</li>
<li>Optional: Defining the first EIM administrator<div class="note"><span class="notetitle">Note:</span> The directory server
administrator can do can do everything that an EIM administrator can do.</div>
</li>
</ul>
</td>
<td valign="top" width="33.33333333333333%" headers="d0e53 ">Knowledge of:   <ul><li>Directory server installation, configuration, and customization</li>
<li>EIM administration tools</li>
</ul>
</td>
</tr>
<tr><td valign="top" width="33.33333333333333%" headers="d0e49 ">User registry administrator</td>
<td valign="top" width="33.33333333333333%" headers="d0e51 "><ul><li>Setting up user profiles or user identities for a specific user registry</li>
<li>Optional: Serving as an EIM registry administrator for specified user
registry</li>
</ul>
</td>
<td valign="top" width="33.33333333333333%" headers="d0e53 ">Knowledge of:   <ul><li>Tools for administering the user registry</li>
<li>EIM administration tools</li>
</ul>
</td>
</tr>
<tr><td valign="top" width="33.33333333333333%" headers="d0e49 ">System programmer or System administrator</td>
<td valign="top" width="33.33333333333333%" headers="d0e51 ">Installing needed software products (may include installing
EIM)</td>
<td valign="top" width="33.33333333333333%" headers="d0e53 ">Knowledge of:   <ul><li>System programming or administration skills</li>
<li>Installation procedures for the platform</li>
</ul>
</td>
</tr>
<tr><td valign="top" width="33.33333333333333%" headers="d0e49 ">Application programmer</td>
<td valign="top" width="33.33333333333333%" headers="d0e51 "><p>Writing applications that use EIM APIs</p>
</td>
<td valign="top" width="33.33333333333333%" headers="d0e53 ">Knowledge of:   <ul><li>Platform</li>
<li>Programming skills </li>
<li>Compiling programs</li>
</ul>
</td>
</tr>
</tbody>
</table>
</div>
</div>
<p>After you identify which roles you want to use for configuring
and managing EIM in your enterprise, you can <a href="rzalv_plan_domain.htm#rzalv_plan_domain">plan an EIM domain</a>.</p>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzalv_plan_eim_for_eserver.htm">Plan Enterprise Identity Mapping for eServer</a></div>
</div>
</div>
</body>
</html>
Add readme and dist folders 2024-04-02 14:02:31 +00:00			`<?xml version="1.0" encoding="UTF-8"?>`
			`<!DOCTYPE html`
			`PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">`
			`<html lang="en-us" xml:lang="en-us">`
			`<head>`
			`<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />`
			`<meta name="security" content="public" />`
			`<meta name="Robots" content="index,follow" />`
			`<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />`
			`<meta name="DC.Type" content="concept" />`
			`<meta name="DC.Title" content="Identify needed skills and roles" />`
			`<meta name="DC.Relation" scheme="URI" content="rzalv_plan_eim_for_eserver.htm" />`
			`<meta name="copyright" content="(C) Copyright IBM Corporation 2002, 2006" />`
			`<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2002, 2006" />`
			`<meta name="DC.Format" content="XHTML" />`
			`<meta name="DC.Identifier" content="rzalv_plan_roles" />`
			`<meta name="DC.Language" content="en-us" />`
			`<!-- All rights reserved. Licensed Materials Property of IBM -->`
			`<!-- US Government Users Restricted Rights -->`
			`<!-- Use, duplication or disclosure restricted by -->`
			`<!-- GSA ADP Schedule Contract with IBM Corp. -->`
			`<link rel="stylesheet" type="text/css" href="./ibmdita.css" />`
			`<link rel="stylesheet" type="text/css" href="./ic.css" />`
			`<title>Identify needed skills and roles</title>`
			`</head>`
			`<body id="rzalv_plan_roles"><a name="rzalv_plan_roles"><!-- --></a>`
			`<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>`
			`<h1 class="topictitle1">Identify needed skills and roles</h1>`
			`<div><p>Enterprise Identity Mapping (EIM) is designed so that a single person can`
			`easily be responsible for configuration and administration in a small organization.`
			`Or, in a larger organization, you may prefer to have a number of different`
			`individuals handle these responsibilities. The number of people that you need`
			`on your team varies depending on the number of required skills that each team`
			`member possesses, the types of platforms involved in your EIM implementation,`
			`and how your organization prefers to divide its security roles and responsibilities.</p>`
			`<p>A successful EIM implementation requires the configuration and interaction`
			`of several software products. Because each of these products requires specific`
			`skills and roles, you may choose to create an EIM implementation team that`
			`consists of people from several different disciplines, particularly if you`
			`work in a large organization.</p>`
			`<p>The following information describes the skills and <a href="rzalveservereimauths.htm#rzalveservereimauths">EIM access control</a> authority`
			`required to implement EIM successfully. These skills are presented in terms`
			`of job titles for people who specialize in those skills. For example, a task`
			`requiring Lightweight Directory Access Protocol (LDAP) skills is referred`
			`to as a task for a Directory Server administrator.</p>`
			`<div class="section"><h4 class="sectiontitle">Team members and their roles</h4><p>The following information`
			`describes the responsibilities and required authority of the roles that are`
			`needed for managing EIM. You can use this list of roles to determine the team`
			`members that are needed to install and configure prerequisite products and`
			`to configure EIM and one or more EIM domains.</p>`
			`<p>One of the first sets`
			`of roles that you need to define is the number and type of administrators`
			`for your EIM domain. All personnel that are given EIM administrative duties`
			`and authority need to be involved in the EIM planning process as members of`
			`the EIM implementation team.</p>`
			`<div class="note"><span class="notetitle">Note:</span> EIM administrators play an important`
			`role in your organization and have as much power as individuals that are allowed`
			`to create user identities on your systems. When they create EIM associations`
			`for user identities, they determine who can access your computer systems and`
			`what privileges they have when doing so. IBM<sup>®</sup> recommends that you give this authority`
			`to those individuals in whom you have a high level of trust based on your`
			`company's security policy. </div>`
			`<p>The following table lists potential team`
			`member roles and the tasks and skills needed for configuring and managing`
			`EIM. For more detailed information about the EIM administrative tasks that`
			`each role can perform, see <a href="rzalveservereimauths.htm#rzalveservereimauths">EIM access control</a>.</p>`
			`<div class="note"><span class="notetitle">Note:</span> If`
			`a single person in your organization will be responsible for all EIM configuration`
			`and administration tasks, that person should be given the role and authority`
			`of EIM administrator. </div>`
			`<div class="p">`
			`<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" width="100%" frame="border" border="1" rules="all"><caption>Table 1. Roles,`
			`tasks, and skills for configuring EIM</caption><thead align="left"><tr><th align="left" valign="top" width="33.33333333333333%" id="d0e49">Role</th>`
			`<th valign="top" width="33.33333333333333%" id="d0e51">Authorized tasks</th>`
			`<th align="left" valign="top" width="33.33333333333333%" id="d0e53">Required skills</th>`
			`</tr>`
			`</thead>`
			`<tbody><tr><td valign="top" width="33.33333333333333%" headers="d0e49 ">EIM administrator</td>`
			`<td valign="top" width="33.33333333333333%" headers="d0e51 "><ul><li>Coordinating domain operations</li>`
			`<li>Adding, removing, and changing registry definitions, EIM identifiers,`
			`and associations for user identities</li>`
			`<li>Controller authority to the data within an EIM domain</li>`
			`</ul>`
			`</td>`
			`<td valign="top" width="33.33333333333333%" headers="d0e53 ">Knowledge of the EIM administration tools</td>`
			`</tr>`
			`<tr><td valign="top" width="33.33333333333333%" headers="d0e49 ">EIM identifiers administrator</td>`
			`<td valign="top" width="33.33333333333333%" headers="d0e51 "><ul><li>Creating and changing EIM identifiers</li>`
			`<li>Adding and removing administrative and source associations (cannot add`
			`or remove target associations)</li>`
			`</ul>`
			`</td>`
			`<td valign="top" width="33.33333333333333%" headers="d0e53 ">Knowledge of the EIM administration tools</td>`
			`</tr>`
			`<tr><td valign="top" width="33.33333333333333%" headers="d0e49 ">EIM registries administrator</td>`
			`<td valign="top" width="33.33333333333333%" headers="d0e51 ">Managing all EIM registry definitions: <ul><li>Adding and removing target associations (cannot add or remove source and`
			`administrative associations)</li>`
			`<li>Updating EIM registry definitions</li>`
			`</ul>`
			`</td>`
			`<td valign="top" width="33.33333333333333%" headers="d0e53 ">Knowledge of: <ul><li>All the user registries defined to the EIM domain (such as information`
			`about user identities)</li>`
			`<li>The EIM administration tools</li>`
			`</ul>`
			`</td>`
			`</tr>`
			`<tr><td valign="top" width="33.33333333333333%" headers="d0e49 ">EIM registry X administrator</td>`
			`<td valign="top" width="33.33333333333333%" headers="d0e51 ">Managing a specific EIM registry definition: <ul><li>Adding and removing target associations for a specific user registry (for`
			`example, registry X)</li>`
			`<li>Updating a specific EIM registry definition</li>`
			`</ul>`
			`</td>`
			`<td valign="top" width="33.33333333333333%" headers="d0e53 ">Knowledge of: <ul><li>The particular user registry defined to the EIM domain (such as information`
			`about user identities)</li>`
			`<li>The EIM administration tools</li>`
			`</ul>`
			`</td>`
			`</tr>`
			`<tr><td valign="top" width="33.33333333333333%" headers="d0e49 ">Directory server (LDAP) administrator</td>`
			`<td valign="top" width="33.33333333333333%" headers="d0e51 "><ul><li>Installing and configuring a directory server (if necessary)</li>`
			`<li>Customizing directory server configuration for EIM</li>`
			`<li>Creating an EIM domain (see note)</li>`
			`<li>Defining users that are authorized to access the EIM domain controller</li>`
			`<li>Optional: Defining the first EIM administrator<div class="note"><span class="notetitle">Note:</span> The directory server`
			`administrator can do can do everything that an EIM administrator can do.</div>`
			`</li>`
			`</ul>`
			`</td>`
			`<td valign="top" width="33.33333333333333%" headers="d0e53 ">Knowledge of: <ul><li>Directory server installation, configuration, and customization</li>`
			`<li>EIM administration tools</li>`
			`</ul>`
			`</td>`
			`</tr>`
			`<tr><td valign="top" width="33.33333333333333%" headers="d0e49 ">User registry administrator</td>`
			`<td valign="top" width="33.33333333333333%" headers="d0e51 "><ul><li>Setting up user profiles or user identities for a specific user registry</li>`
			`<li>Optional: Serving as an EIM registry administrator for specified user`
			`registry</li>`
			`</ul>`
			`</td>`
			`<td valign="top" width="33.33333333333333%" headers="d0e53 ">Knowledge of: <ul><li>Tools for administering the user registry</li>`
			`<li>EIM administration tools</li>`
			`</ul>`
			`</td>`
			`</tr>`
			`<tr><td valign="top" width="33.33333333333333%" headers="d0e49 ">System programmer or System administrator</td>`
			`<td valign="top" width="33.33333333333333%" headers="d0e51 ">Installing needed software products (may include installing`
			`EIM)</td>`
			`<td valign="top" width="33.33333333333333%" headers="d0e53 ">Knowledge of: <ul><li>System programming or administration skills</li>`
			`<li>Installation procedures for the platform</li>`
			`</ul>`
			`</td>`
			`</tr>`
			`<tr><td valign="top" width="33.33333333333333%" headers="d0e49 ">Application programmer</td>`
			`<td valign="top" width="33.33333333333333%" headers="d0e51 "><p>Writing applications that use EIM APIs</p>`
			`</td>`
			`<td valign="top" width="33.33333333333333%" headers="d0e53 ">Knowledge of: <ul><li>Platform</li>`
			`<li>Programming skills </li>`
			`<li>Compiling programs</li>`
			`</ul>`
			`</td>`
			`</tr>`
			`</tbody>`
			`</table>`
			`</div>`
			`</div>`
			`<p>After you identify which roles you want to use for configuring`
			`and managing EIM in your enterprise, you can <a href="rzalv_plan_domain.htm#rzalv_plan_domain">plan an EIM domain</a>.</p>`
			`</div>`
			`</div>`
			`<div>`
			`<div class="familylinks">`
			`<div class="parentlink"><strong>Parent topic:</strong> <a href="rzalv_plan_eim_for_eserver.htm">Plan Enterprise Identity Mapping for eServer</a></div>`
			`</div>`
			`</div>`
			`</body>`
			`</html>`