friedkiwi/ibm-information-center
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
14ed2849c6
ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzalv_5.4.0.1/rzalveserverracf.htm

80 lines
5.2 KiB
HTML
Raw Blame History

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="Application registry definitions" />
<meta name="abstract" content="Use this information to learn how to create users registries for certain applications." />
<meta name="description" content="Use this information to learn how to create users registries for certain applications." />
<meta name="DC.Relation" scheme="URI" content="rzalveserverregistry.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2002, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2002, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzalveserverracf" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Application registry definitions</title>
</head>
<body id="rzalveserverracf"><a name="rzalveserverracf"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Application registry definitions</h1>
<div><p>Use this information to learn how to create users registries for
certain applications.</p>
<p>An application registry definition is an entry in Enterprise Identity Mapping
(EIM) that you create to describe and represent a subset of user identities
that are defined in a system registry. These user identities share a common
set of attributes or characteristics that allow them to use a particular application
or set of applications. Application registry definitions represent user registries
that exist within other user registries. For example, the z/OS<sup>®</sup> Security
Server (RACF<sup>®</sup>)
registry can contain specific user registries that are a subset of users within
the overall RACF user
registry. Because the of this relationship, you must specify the name of the
parent system registry for any application registry definition that you create.</p>
<p>You can create an EIM application registry definition for a user registry
when the user identities in the registry have the following traits:</p>
<ul><li>The user identities for an application is not stored in a user registry
specific to the application.</li>
<li>The user identities for an application is stored in a system registry
that contains user identities for other applications.</li>
</ul>
<p>EIM lookup operations perform correctly regardless of whether an EIM administrator
creates an application or a system registry definition for a user registry.
However, separate registry definitions allow mapping data to be managed on
an application basis. The responsibility of managing application-specific
mappings can be assigned to an administrator for a specific registry.</p>
<p>For example, Figure 7 shows how an EIM administrator created a system registry
definition to represent a z/OS Security Server RACF registry. The administrator also created
an application registry definition to represent the user identities within
the RACF registry
that use z/OS<sup>(TM)</sup> UNIX<sup>®</sup> System Services (z/OS UNIX). System
C contains a RACF user
registry that contains information for three user identities, <samp class="codeph">DAY1</samp>, <samp class="codeph">ANN1</samp>,
and <samp class="codeph">SMITH1</samp>. Two of these user identities (<samp class="codeph">DAY1</samp>
and <samp class="codeph">SMITH1</samp>) access z/OS UNIX on System C. These user identities
are actually RACF users
with unique attributes that identify them as z/OS UNIX users. Within the EIM registry definitions,
the EIM administrator defined <samp class="codeph">System_C_RACF</samp> to represent
the overall RACF user
registry. The administrator also defined <samp class="codeph">System_C_UNIX</samp> to
represent the user identities that have z/OS UNIX attributes. </p>
<p><strong>Figure 7:</strong> EIM registry definitions for the RACF user registry and for users of z/OS UNIX </p>
<p><br /><img src="rzalv512.gif" alt="Registry definitions for the RACF user registry and for users of z/OS UNIX" /><br /></p>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzalveserverregistry.htm" title="This information explains how you can create a registry definition to hold all your user registries for a system.">EIM registry definitions</a></div>
</div>
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink