84 lines
6.4 KiB
HTML
84 lines
6.4 KiB
HTML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!DOCTYPE html
|
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html lang="en-us" xml:lang="en-us">
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|
<meta name="security" content="public" />
|
|
<meta name="Robots" content="index,follow" />
|
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
|
<meta name="DC.Type" content="task" />
|
|
<meta name="DC.Title" content="Create identifier associations" />
|
|
<meta name="DC.Relation" scheme="URI" content="rzamzconfigssomgtcentral.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="rzamzcreateeimidentifiers.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="rzamzconfigurethemanagementcentral.htm" />
|
|
<meta name="copyright" content="(C) Copyright IBM Corporation 2000, 2006" />
|
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2000, 2006" />
|
|
<meta name="DC.Format" content="XHTML" />
|
|
<meta name="DC.Identifier" content="rzamzcreateidentifierassociations" />
|
|
<meta name="DC.Language" content="en-us" />
|
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
|
<!-- US Government Users Restricted Rights -->
|
|
<!-- Use, duplication or disclosure restricted by -->
|
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
|
<title>Create identifier associations</title>
|
|
</head>
|
|
<body id="rzamzcreateidentifierassociations"><a name="rzamzcreateidentifierassociations"><!-- --></a>
|
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
|
<h1 class="topictitle1">Create identifier associations</h1>
|
|
<div><div class="section"><p>You need to create a source association and a target association
|
|
between each EIM identifier and the user profiles on each endpoint system
|
|
and also on the central system, <span class="uicontrol">iSeriesMC1</span>. You need
|
|
to perform this step for each user that you want to be able to access resources
|
|
through the central system. Although you could use policy associations, you
|
|
choose not to, thereby avoiding the risk of unintentionally granting asset
|
|
authority to users inappropriately. After you complete this step, each user
|
|
has one EIM identifier that is associated with each of their user profiles
|
|
on the endpoint systems. These associations allow the user to participate
|
|
in your single signon environment. Perform the following steps to create the
|
|
associations:</p>
|
|
</div>
|
|
<ol><li><span>Create the <strong>source</strong> association:</span><ol type="a"><li class="substepexpand"><span>Using <span class="keyword">iSeries™ Navigator</span> on
|
|
the PC, select the central system, <span class="uicontrol">iSeriesMC1</span>, and
|
|
expand <span class="uicontrol">Network-->Enterprise Identity Mapping-->Domain Management</span>.</span></li>
|
|
<li class="substepexpand"><span>Expand <samp class="codeph">MyCoEimDomain</samp> and select <span class="uicontrol">Identifiers</span>.
|
|
A list of identifiers displays in the right pane.</span></li>
|
|
<li class="substepexpand"><span>Right-click <samp class="codeph">Amanda Jones</samp> and select <span class="uicontrol">Properties</span>.</span></li>
|
|
<li class="substepexpand"><span>On the <span class="uicontrol">Associations</span> tab, click <span class="uicontrol">Add</span>.</span></li>
|
|
<li class="substepexpand"><span>On the <span class="uicontrol">Add Association</span> page, click <span class="uicontrol">Browse...</span> next
|
|
to the <span class="uicontrol">Registry</span> field, and select the registry definition
|
|
for the endpoint system registry that contains the user profile that you want
|
|
to associate with the <samp class="codeph">Amanda Jones</samp> identifier. </span> For
|
|
this example, you want to create an association between the EIM identifier, <samp class="codeph">Amanda
|
|
Jones</samp>, and the user profile <samp class="codeph">AMJONES</samp> on endpoint
|
|
system <span class="uicontrol">iSeries A</span>.</li>
|
|
<li class="substepexpand"><span>In the <span class="uicontrol">User</span> field, enter the user profile <samp class="codeph">AMJONES</samp>.</span></li>
|
|
<li class="substepexpand"><span>In the <span class="uicontrol">Association type</span> field, select <span class="uicontrol">Source</span> and
|
|
click <span class="uicontrol">OK</span>. The association is added to the list of associations
|
|
on the <span class="uicontrol">Associations</span> tab.</span></li>
|
|
</ol>
|
|
</li>
|
|
<li><span>Create the <strong>target</strong> association:</span><ol type="a"><li><span>On the <span class="uicontrol">Associations</span> tab of the <span class="uicontrol">EIM
|
|
Identifiers</span> page, click <span class="uicontrol">Add</span></span></li>
|
|
<li><span>On the <span class="uicontrol">Add Association</span> page, click <span class="uicontrol">Browse...</span> and
|
|
select the registry name for <span class="uicontrol">iSeries A</span>.</span></li>
|
|
<li><span>In the <span class="uicontrol">User</span> field, enter the user profile <samp class="codeph">AMJONES</samp>.</span></li>
|
|
<li><span></span></li>
|
|
</ol>
|
|
</li>
|
|
</ol>
|
|
<div class="section">Repeat these steps for each endpoint system and each EIM identifier
|
|
that you want to create associations for. When you are finished, click <span class="uicontrol">OK</span> on
|
|
the <span class="uicontrol">EIM Identifiers Properties</span> dialog.</div>
|
|
</div>
|
|
<div>
|
|
<div class="familylinks">
|
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzamzconfigssomgtcentral.htm" title="View this scenario to learn how to configure your Management Central servers to participate in a single signon environment. After administrators complete the scenario for propagating a single signon configuration across multiple systems, they can do the necessary configuration so that their Management Central servers can participate in the single signon environment.">Scenario: Configure the Management Central servers for single signon</a></div>
|
|
<div class="previouslink"><strong>Previous topic:</strong> <a href="rzamzcreateeimidentifiers.htm">Create EIM identifiers</a></div>
|
|
<div class="nextlink"><strong>Next topic:</strong> <a href="rzamzconfigurethemanagementcentral.htm">Configure the Management Central servers to use network authentication service</a></div>
|
|
</div>
|
|
</div>
|
|
</body>
|
|
</html> |