ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzalv_5.4.0.1/rzalvcnfg.htm

123 lines
8.2 KiB
HTML

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="task" />
<meta name="DC.Title" content="Configure Enterprise Identity Mapping" />
<meta name="abstract" content="Use this information to learn how to use the Enterprise Identity Mapping (EIM) Configuration wizard to configure EIM for your iSeries servers." />
<meta name="description" content="Use this information to learn how to use the Enterprise Identity Mapping (EIM) Configuration wizard to configure EIM for your iSeries servers." />
<meta name="DC.Relation" scheme="URI" content="rzalvmst.htm" />
<meta name="DC.Relation" scheme="URI" content="rzalvcnfgconfigwiz2.htm" />
<meta name="DC.Relation" scheme="URI" content="rzalvcnfgconfigwiz3.htm" />
<meta name="DC.Relation" scheme="URI" content="rzalvcnfgconfigwizard.htm" />
<meta name="DC.Relation" scheme="URI" content="rzalvseccon.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2002, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2002, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzalvcnfg" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Configure Enterprise Identity Mapping</title>
</head>
<body id="rzalvcnfg"><a name="rzalvcnfg"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Configure Enterprise Identity Mapping</h1>
<div><p>Use this information to learn how to use the Enterprise Identity
Mapping (EIM) Configuration wizard to configure EIM for your iSeries™ servers.</p>
<div class="section"><p>The EIM Configuration wizard allows you to complete a basic EIM
configuration for your iSeries quickly and easily. The wizard provides you
with three EIM system configuration options. How you use the wizard to configure
EIM on a specific system depends on your overall plan for using EIM in your
enterprise and your EIM configuration needs. For example, many administrators
want to use EIM in conjunction with <a href="../rzakh/rzakh000.htm">network authentication service</a> to create a <a href="../rzamz/rzamzsso.htm">single signon</a> environment
across multiple systems and platforms without a need to change underlying
security policies. Consequently, the EIM Configuration wizard allows you to
configure network authentication service as part of your EIM configuration.
However, configuring and using network authentication service is not a prerequisite
or requirement for configuring and using EIM.</p>
<p>Before you begin the process
of configuring EIM for one or more systems, <a href="rzalvplan.htm#rzalvplan">plan
your EIM implementation</a> to gather the information you need. For example,
you need to make decisions about the following:</p>
<ul><li>Which iSeries server
do you want to configure as the EIM domain controller for the EIM domain?
Use the EIM Configuration wizard to create a new domain on this system first,
then use the wizard to configure all additional iSeries servers to join this domain. </li>
<li>Do you want to configure network authentication service on each system
that you configure for EIM? If so, you can use the EIM Configuration wizard
to create a basic network authentication service configuration on each iSeries server.
However, you must perform other tasks to complete your network authentication
service configuration. </li>
</ul>
<p>After you use the EIM Configuration wizard to create a basic configuration
for each iSeries server,
there are still a number of EIM configuration tasks that you must perform
before you have a complete EIM configuration. See <a href="../rzamz/rzamzenablessoos400.htm">Scenario: Enable single signon </a> for an example that shows
how a fictitious company configured a single signon environment using network
authentication service and EIM.</p>
<p>To configure EIM, you must have all
of the following special authorities: </p>
<ul><li>Security administrator (*SECADM).</li>
<li>All object (*ALLOBJ). </li>
<li>System configuration (*IOSYSCFG). </li>
</ul>
<p>Before you use the EIM Configuration wizard, you should have completed
all <a href="rzalvplan.htm#rzalvplan">Plan for Enterprise Identity Mapping</a> steps to determine exactly
how you will use EIM. If you are configuring EIM as part of creating a single
signon environment, then you should complete all <a href="../rzamz/rzamzplan.htm">single signon planning</a> steps as well. </p>
<p>To access
the EIM Configuration wizard, follow these steps:</p>
</div>
<ol><li><span>Start iSeries Navigator.</span></li>
<li><span>Sign on to the iSeries server for which you want to configure EIM.
If you are configuring EIM for more than one iSeries server, begin with the one on
which you want to configure the domain controller for EIM.</span></li>
<li><span>Expand <span class="menucascade"><span class="uicontrol">Network </span> &gt; <span class="uicontrol">Enterprise
Identity Mapping</span></span>.</span></li>
<li><span>Right-click <span class="uicontrol">Configuration</span> and select <span class="uicontrol">Configure...</span> to
launch the EIM Configuration wizard.</span></li>
<li><span>Select an EIM configuration option and follow the instructions
that the wizard provides to complete the wizard.</span></li>
<li><span>Click <span class="uicontrol">Help</span>, if necessary, to determine what
information to specify as you proceed through the wizard.</span></li>
</ol>
<div class="section"><p>Once your planning is complete, you can use the EIM Configuration
wizard to create one of three basic EIM configurations. You can use the wizard
to join an existing domain or to create and join a new domain. When you use
the EIM Configuration wizard to create and join a new domain, you can choose
whether to configure an EIM domain controller on a local or a remote system.
The following information provides instructions for configuring EIM based
on which type of basic EIM configuration you need:</p>
</div>
</div>
<div>
<ul class="ullinks">
<li class="ulchildlink"><strong><a href="rzalvcnfgconfigwiz2.htm">Create and join a new local domain</a></strong><br />
This information explains how to create a new Enterprise Identity Mapping (EIM) domain for your enterprise and to configure the local directory server to be the EIM domain controller for the new domain.</li>
<li class="ulchildlink"><strong><a href="rzalvcnfgconfigwiz3.htm">Create and join a new remote domain</a></strong><br />
This information explains how to create a new Enterprise Identity Mapping (EIM) domain for your enterprise and to configure a remote directory server to be the EIM domain controller for the new domain.</li>
<li class="ulchildlink"><strong><a href="rzalvcnfgconfigwizard.htm">Join an existing domain</a></strong><br />
This information explains how you can use the Enterprise Identity
Mapping (EIM) Configuration wizard on one iSeries system to configure a domain
controller and create an EIM domain, then use the wizard to configure other iSeries servers
to participate in the domain.</li>
<li class="ulchildlink"><strong><a href="rzalvseccon.htm">Configure a secure connection to the EIM domain controller</a></strong><br />
This information explains how to setup a secure connection to a domain controller with SSL or TLS.</li>
</ul>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzalvmst.htm">Enterprise Identity Mapping</a></div>
</div>
</div>
</body>
</html>