friedkiwi/ibm-information-center
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
6290434003
ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzamz_5.4.0.1/rzamzcreatesourceassociationandtargetassociationfortheneweimidentifier.htm

91 lines
6.9 KiB
HTML
Raw Normal View History

Add readme and dist folders
2024-04-02 14:02:31 +00:00
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="task" />
<meta name="DC.Title" content="Create source association and target association for the new EIM identifier" />
<meta name="DC.Relation" scheme="URI" content="rzamzenablesso.htm" />
<meta name="DC.Relation" scheme="URI" content="rzamzcreateeimidentifierforjohnday.htm" />
<meta name="DC.Relation" scheme="URI" content="rzamztesteimidentitymappings.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzamzcreatesourceassociationandtargetassociationfortheneweimidentifier" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Create source association and target association for the new EIM identifier</title>
</head>
<body id="rzamzcreatesourceassociationandtargetassociationfortheneweimidentifier"><a name="rzamzcreatesourceassociationandtargetassociationfortheneweimidentifier"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Create source association and target association for the new EIM identifier</h1>
<div><div class="section"><p>You must create the appropriate associations between the EIM identifier
and the user identities that the person represented by the identifier uses.
These identifier associations, when properly configured, enable the user to
participate in a single signon environment. </p>
<div class="p">In this scenario, you need
to create two identifier associations for the John Day identifier:<ul><li>A source association for the <tt>jday</tt> Kerberos principal, which is
the user identity that John Day, the person, uses to log in to Windows<sup>®</sup> and
the network. The source association allows the Kerberos principal to be mapped
to another user identity as defined in a corresponding target association.</li>
<li>A target association for the <tt>JOHND</tt> <span class="keyword">i5/OS™</span> user
profile, which is the user identity that John Day, the person, uses to log
in to <span class="keyword">iSeries™ Navigator</span> and other <span class="keyword">i5/OS</span> applications on <span class="keyword">iSeries</span> A.
The target association specifies that a mapping lookup operation can map to
this user identity from another one as defined in a source association for
the same identifier.</li>
</ul>
</div>
<p>Now that you have created the John Day identifier, you need to
create both a source association and a target association for it.</p>
<p><span class="uicontrol">To
create a source association between the Kerberos principal and the John Day
identifier, follow these steps:</span></p>
</div>
<ol><li class="stepexpand"><span>In <span class="keyword">iSeries Navigator</span>, expand <span class="menucascade"><span class="uicontrol">iSeries A</span> &gt; <span class="uicontrol">Enterprise Identity Mapping</span> &gt; <span class="uicontrol">Domain Management</span> &gt; <span class="uicontrol">MyCoEimDomain</span> &gt; <span class="uicontrol">Identifiers</span></span>.</span></li>
<li class="stepexpand"><span>Right-click <span class="uicontrol">John Day</span>, and select <span class="uicontrol">Properties</span>.</span></li>
<li class="stepexpand"><span>On the <span class="uicontrol">Associations</span> page, click <span class="uicontrol">Add</span>.</span></li>
<li class="stepexpand"><span>In the <span class="uicontrol">Add Association</span> dialog, specify or <span class="uicontrol">Browse...</span> to
select the following information, and click <span class="uicontrol">OK</span>:</span> <ul><li><span class="uicontrol">Registry</span>: <tt>MYCO.COM</tt></li>
<li><span class="uicontrol">User</span>: <tt>jday</tt></li>
<li><span class="uicontrol">Association type</span>: <tt>Source</tt></li>
</ul>
</li>
<li class="stepexpand"><span>Click <span class="uicontrol">OK</span> to close the <span class="uicontrol">Add Association</span> dialog.</span></li>
</ol>
<div class="section"><p><span class="uicontrol">To create a target association between the i5/OS user
profile and the John Day identifier, follow these steps:</span></p>
<ol><li>Click <span class="uicontrol">OK</span> to close the <span class="uicontrol">Add Association</span> dialog.</li>
<li>On the <span class="uicontrol">Associations</span> page, click <span class="uicontrol">Add</span>.</li>
<li>On the <span class="uicontrol">Add Association</span> dialog, specify or <span class="uicontrol">Browse...</span> to
select the following information, and click <span class="uicontrol">OK</span>: <ul><li><span class="uicontrol">Registry</span>: <tt>ISERIESA.MYCO.COM</tt></li>
<li><span class="uicontrol">User</span>: <tt>JOHND</tt></li>
<li><span class="uicontrol">Association type</span>: <tt>Target</tt></li>
</ul>
</li>
<li>Click <span class="uicontrol">OK</span> to close the <span class="uicontrol">Add Association</span> dialog.</li>
<li>Click <span class="uicontrol">OK</span> to close the <span class="uicontrol">Properties</span> dialog.</li>
</ol>
<p>Now that you have created an identifier and added the appropriate
associations to the identifier, you need to test that the mappings between
associated user identities works correctly.</p>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzamzenablesso.htm" title="In this scenario, you want to configure network authentication service and EIM to create a basic single signon test environment. Use this scenario to gain a basic understanding of what configuring a single signon environment involves on a small scale before implementing single signon across an entire enterprise.">Scenario: Create a single signon test environment</a></div>
<div class="previouslink"><strong>Previous topic:</strong> <a href="rzamzcreateeimidentifierforjohnday.htm">Create EIM identifier for John Day</a></div>
<div class="nextlink"><strong>Next topic:</strong> <a href="rzamztesteimidentitymappings.htm">Test EIM identity mappings</a></div>
</div>
</div>
</body>
</html>
Reference in New Issue Copy Permalink