friedkiwi/ibm-information-center
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
14ed2849c6
ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzakh_5.4.0.1/rzakhssoscenario_testeimidentitymappings.htm

258 lines
17 KiB
HTML
Raw Blame History

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="task" />
<meta name="DC.Title" content="Test EIM identity mappings" />
<meta name="DC.Relation" scheme="URI" content="rzakhscen2.htm" />
<meta name="DC.Relation" scheme="URI" content="rzakhssoscenario_enableregistrieslookup.htm" />
<meta name="DC.Relation" scheme="URI" content="rzakhssoscenario_configureiseriesaccessforwinapps.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzakhssoscenario_testeimidentitymappings" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Test EIM identity mappings</title>
</head>
<body id="rzakhssoscenario_testeimidentitymappings"><a name="rzakhssoscenario_testeimidentitymappings"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Test EIM identity mappings</h1>
<div><div class="section">Now that you have created all the associations that you need, you
must verify that EIM mapping lookup operations return the correct results
based on the configured associations. For this scenario, you must test the
mappings used for the identifier associations for each of the administrators
and you must test the mappings used for the default registry policy associations.
To test the EIM mappings, follow these steps:<p><strong>Test mappings for John
Day</strong></p>
<p>To test that identifier mappings work as expected for John Day,
follow these steps:</p>
</div>
<ol><li class="stepexpand"><span>In iSeries™ Navigator,
expand <span class="menucascade"><span class="uicontrol">iSeries A</span> &gt; <span class="uicontrol">Network</span> &gt; <span class="uicontrol">Enterprise Identity Mapping</span> &gt; <span class="uicontrol">Domain Management</span> &gt; <span class="uicontrol">MyCoEimDomain</span></span>.</span> <div class="note"><span class="notetitle">Note:</span> You may
be prompted to connect to the domain controller. In that case, the <span class="uicontrol">Connect
to EIM Domain Controller</span> dialog box is displayed. You must connect
to the domain before you can perform actions in it. To connect to the domain
controller, provide the following information and click <span class="uicontrol">OK</span>:</div>
<ol type="a"><li class="substepexpand"><span><span class="uicontrol">User type</span>: <tt>Distinguished name</tt></span></li>
<li class="substepexpand"><span><span class="uicontrol">Distinguished name</span>: <tt>cn=administrator</tt></span></li>
<li class="substepexpand"><span><span class="uicontrol">Password</span>: <tt>mycopwd</tt></span> <div class="note"><span class="notetitle">Note:</span> Any
and all passwords specified in this scenario are for example purposes only.
To prevent a compromise to your system or network security, you should never
use these passwords as part of your own configuration.</div>
</li>
</ol>
</li>
<li class="stepexpand"><span>Right-click <span class="uicontrol">MyCoEimDomain</span> and select <span class="uicontrol">Test
a mapping...</span>.</span></li>
<li class="stepexpand"><span>On the <span class="uicontrol">Test a mapping</span> dialog box, specify
or <span class="uicontrol">Browse...</span> to select the following information, and
click <span class="uicontrol">Test</span>:</span> <ol type="a"><li><span><span class="uicontrol">Source registry</span>: <tt>MYCO.COM</tt></span></li>
<li><span><span class="uicontrol">Source user</span>: <tt>jday</tt></span></li>
<li><span><span class="uicontrol">Target registry</span>: <tt>ISERIESA.MYCO.COM</tt></span></li>
</ol>
Results will display in the <span class="uicontrol">Mapping found</span> portion
of the page, as follows:
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="border" border="1" rules="all"><thead align="left"><tr><th valign="top" id="d0e125">For these fields</th>
<th valign="top" id="d0e127">See these results</th>
</tr>
</thead>
<tbody><tr><td valign="top" headers="d0e125 ">Target user</td>
<td valign="top" headers="d0e127 ">JOHND</td>
</tr>
<tr><td valign="top" headers="d0e125 ">Origin</td>
<td valign="top" headers="d0e127 ">EIM Identifier: John Day</td>
</tr>
</tbody>
</table>
</div>
</li>
<li class="stepexpand"><span>Click <span class="uicontrol">Close</span>.</span></li>
<li class="stepexpand"><span>Repeat these steps but select <tt>ISERIESB.MYCO.COM</tt> for the <span class="uicontrol">Target
registry</span> field.</span> Results will display in the <span class="uicontrol">Mapping
found</span> portion of the page, as follows:
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="border" border="1" rules="all"><thead align="left"><tr><th valign="top" width="50%" id="d0e166">For these fields</th>
<th valign="top" width="50%" id="d0e168">See these results</th>
</tr>
</thead>
<tbody><tr><td valign="top" width="50%" headers="d0e166 ">Target user</td>
<td valign="top" width="50%" headers="d0e168 ">DAYJO</td>
</tr>
<tr><td valign="top" width="50%" headers="d0e166 ">Origin</td>
<td valign="top" width="50%" headers="d0e168 ">EIM Identifier: John Day</td>
</tr>
</tbody>
</table>
</div>
<p><strong>Test mappings for Sharon Jones</strong></p>
<p>To test the mappings
used for the individual associations for Sharon Jones, follow these steps:</p>
</li>
<li class="stepexpand"><span>In iSeries Navigator,
expand <span class="menucascade"><span class="uicontrol">iSeries A</span> &gt; <span class="uicontrol">Network</span> &gt; <span class="uicontrol">Enterprise Identity Mapping</span> &gt; <span class="uicontrol">Domain Management</span> &gt; <span class="uicontrol">MyCoEimDomain</span></span>.</span> <div class="note"><span class="notetitle">Note:</span> You may
be prompted to connect to the domain controller. In that case, the <span class="uicontrol">Connect
to EIM Domain Controller</span> dialog box is displayed. You must connect
to the domain before you can perform actions in it. To connect to the domain
controller, provide the following information and click <span class="uicontrol">OK</span>:</div>
<ol type="a"><li class="substepexpand"><span><span class="uicontrol">User type</span>: <tt>Distinguished name</tt></span></li>
<li class="substepexpand"><span><span class="uicontrol">Distinguished name</span>: <tt>cn=administrator</tt></span></li>
<li class="substepexpand"><span><span class="uicontrol">Password</span>: <tt>mycopwd</tt></span> <div class="note"><span class="notetitle">Note:</span> Any
and all passwords specified in this scenario are for example purposes only.
To prevent a compromise to your system or network security, you should never
use these passwords as part of your own configuration.</div>
</li>
</ol>
</li>
<li class="stepexpand"><span>Right-click <span class="uicontrol">MyCoEimDomain</span> and select <span class="uicontrol">Test
a mapping...</span>.</span></li>
<li class="stepexpand"><span>On the <span class="uicontrol">Test a mapping</span> dialog box, specify
or <span class="uicontrol">Browse...</span> to select the following information, and
click <span class="uicontrol">Test</span>:</span><ol type="a"><li><span><span class="uicontrol">Source registry</span>: <tt>MYCO.COM</tt></span></li>
<li><span><span class="uicontrol">Source user</span>: <tt>sjones</tt></span></li>
<li><span><span class="uicontrol">Target registry</span>: <tt>ISERIESA.MYCO.COM</tt></span></li>
</ol>
Results will display in the <span class="uicontrol">Mapping found</span> portion
of the page, as follows:
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="border" border="1" rules="all"><thead align="left"><tr><th valign="top" width="50%" id="d0e293">For these fields</th>
<th valign="top" width="50%" id="d0e295">See these results</th>
</tr>
</thead>
<tbody><tr><td valign="top" width="50%" headers="d0e293 ">Target user</td>
<td valign="top" width="50%" headers="d0e295 ">SHARONJ</td>
</tr>
<tr><td valign="top" width="50%" headers="d0e293 ">Origin</td>
<td valign="top" width="50%" headers="d0e295 ">EIM Identifier: Sharon Jones</td>
</tr>
</tbody>
</table>
</div>
</li>
<li class="stepexpand"><span>Click <span class="uicontrol">Close</span>.</span></li>
<li class="stepexpand"><span>Repeat these steps but select <tt>ISERIESB.MYCO.COM</tt> for the <span class="uicontrol">Target
registry</span> field. </span> Results will display in the <span class="uicontrol">Mapping
found</span> portion of the page, as follows:
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="border" border="1" rules="all"><thead align="left"><tr><th valign="top" width="50%" id="d0e334">For these fields</th>
<th valign="top" width="50%" id="d0e336">See these results</th>
</tr>
</thead>
<tbody><tr><td valign="top" width="50%" headers="d0e334 ">Target user</td>
<td valign="top" width="50%" headers="d0e336 ">JONESSH</td>
</tr>
<tr><td valign="top" width="50%" headers="d0e334 ">Origin</td>
<td valign="top" width="50%" headers="d0e336 ">EIM Identifier: Sharon Jones</td>
</tr>
</tbody>
</table>
</div>
<p><strong>Test mappings used for default registry policy associations</strong></p>
<p>To
test that mappings work as expected for the users in the Order Receiving Department,
as based on the policy associations that you defined, follow these steps:</p>
</li>
<li class="stepexpand"><span>In iSeries Navigator,
expand <span class="menucascade"><span class="uicontrol">iSeries A</span> &gt; <span class="uicontrol">Network</span> &gt; <span class="uicontrol">Enterprise Identity Mapping</span> &gt; <span class="uicontrol">Domain Management</span> &gt; <span class="uicontrol">MyCoEimDomain</span></span>.</span> <div class="note"><span class="notetitle">Note:</span> ou may
be prompted to connect to the domain controller. In that case, the <span class="uicontrol">Connect
to EIM Domain Controller</span> dialog box is displayed. You must connect
to the domain before you can perform actions in it. To connect to the domain
controller, provide the following information and click <span class="uicontrol">OK</span>:</div>
<ol type="a"><li class="substepexpand"><span><span class="uicontrol">User type</span>: <tt>Distinguished name</tt></span></li>
<li class="substepexpand"><span><span class="uicontrol">Distinguished name</span>: <tt>cn=administrator</tt></span></li>
<li class="substepexpand"><span><span class="uicontrol">Password</span>: <tt>mycopwd</tt></span> <div class="note"><span class="notetitle">Note:</span> Any
and all passwords specified in this scenario are for example purposes only.
To prevent a compromise to your system or network security, you should never
use these passwords as part of your own configuration.</div>
</li>
</ol>
</li>
<li class="stepexpand"><span>Right-click <span class="uicontrol">MyCoEimDomain</span> and select <span class="uicontrol">Test
a mapping...</span>.</span></li>
<li class="stepexpand"><span>On the <span class="uicontrol">Test a mapping</span> dialog box, specify
or <span class="uicontrol">Browse...</span> to select the following information, and
click <span class="uicontrol">Test</span>:</span><ol type="a"><li class="substepexpand"><span><span class="uicontrol">Source registry</span>: <tt>MYCO.COM</tt></span></li>
<li class="substepexpand"><span><span class="uicontrol">Source user</span>: <tt>mmiller</tt></span></li>
<li class="substepexpand"><span><span class="uicontrol">Target registry</span>: <tt>ISERIESA.MYCO.COM</tt></span> Results will display in the <span class="uicontrol">Mapping found</span> portion
of the page, as follows:
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="border" border="1" rules="all"><thead align="left"><tr><th valign="top" width="50%" id="d0e460">For these fields</th>
<th valign="top" width="50%" id="d0e462">See these results</th>
</tr>
</thead>
<tbody><tr><td valign="top" width="50%" headers="d0e460 ">Target user</td>
<td valign="top" width="50%" headers="d0e462 ">SYSUSERA</td>
</tr>
<tr><td valign="top" width="50%" headers="d0e460 ">Origin</td>
<td valign="top" width="50%" headers="d0e462 ">Registry policy association</td>
</tr>
</tbody>
</table>
</div>
</li>
</ol>
</li>
<li class="stepexpand"><span>Click <span class="uicontrol">Close</span>.</span> <p><strong>To test the
mappings used for the default registry policy association that maps your users
to the SYSUSERB profile on iSeries B, follow these steps:</strong></p>
</li>
<li class="stepexpand"><span>In iSeries Navigator,
expand <span class="menucascade"><span class="uicontrol">iSeries A</span> &gt; <span class="uicontrol">Network</span> &gt; <span class="uicontrol">Enterprise Identity Mapping</span> &gt; <span class="uicontrol">Domain Management</span> &gt; <span class="uicontrol">MyCoEimDomain</span></span></span> <div class="note"><span class="notetitle">Note:</span> You may
be prompted to connect to the domain controller. In that case, the <span class="uicontrol">Connect
to EIM Domain Controller</span> dialog box is displayed. You must connect
to the domain before you can perform actions in it. To connect to the domain
controller, provide the following information and click <span class="uicontrol">OK</span>:</div>
<ol type="a"><li class="substepexpand"><span><span class="uicontrol">User type</span>: <tt>Distinguished name</tt></span></li>
<li class="substepexpand"><span><span class="uicontrol">Distinguished name</span>: <tt>cn=administrator</tt></span></li>
<li class="substepexpand"><span><span class="uicontrol">Password</span>: <tt>mycopwd</tt></span> <div class="note"><span class="notetitle">Note:</span> Any
and all passwords specified in this scenario are for example purposes only.
To prevent a compromise to your system or network security, you should never
use these passwords as part of your own configuration.</div>
</li>
</ol>
</li>
<li class="stepexpand"><span>Right-click <span class="uicontrol">MyCoEimDomain</span> and select <span class="uicontrol">Test
a mapping...</span>.</span></li>
<li class="stepexpand"><span>On the <span class="uicontrol">Test a mapping</span> dialog box, specify
or <span class="uicontrol">Browse...</span> to select the following information, and
click <span class="uicontrol">Test</span>:</span><ol type="a"><li><span><span class="uicontrol">Source registry</span>: <tt>MYCO.COM</tt></span></li>
<li><span><span class="uicontrol">Source user</span>: <tt>ksmith</tt></span></li>
<li><span><span class="uicontrol">Target registry</span>: <tt>ISERIESB.MYCO.COM</tt></span></li>
</ol>
Results will display in the <span class="uicontrol">Mapping found</span> portion
of the page, as follows:
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="border" border="1" rules="all"><thead align="left"><tr><th valign="top" width="50%" id="d0e593">For these fields</th>
<th valign="top" width="50%" id="d0e595">See these results</th>
</tr>
</thead>
<tbody><tr><td valign="top" width="50%" headers="d0e593 ">Target user</td>
<td valign="top" width="50%" headers="d0e595 ">SYSUSERB</td>
</tr>
<tr><td valign="top" width="50%" headers="d0e593 ">Origin</td>
<td valign="top" width="50%" headers="d0e595 ">Registry policy association</td>
</tr>
</tbody>
</table>
</div>
</li>
<li class="stepexpand"><span>Click <span class="uicontrol">Close</span>.</span> If you receive messages
or errors that indicate problems with your mappings or with communications,
see <a href="../rzalv/rzalvtrblshoot.htm">Troubleshoot
EIM</a> to help you find solutions to these problems.</li>
</ol>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzakhscen2.htm" title="Use the following scenario to become familiar with the prerequisites and objectives for enabling single signon for i5/OS.">Scenario: Enable single signon for i5/OS</a></div>
<div class="previouslink"><strong>Previous topic:</strong> <a href="rzakhssoscenario_enableregistrieslookup.htm">Enable registries to participate in lookup operations and to use policy associations</a></div>
<div class="nextlink"><strong>Next topic:</strong> <a href="rzakhssoscenario_configureiseriesaccessforwinapps.htm">Configure iSeries Access for Windows applications to use Kerberos authentication</a></div>
</div>
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink