ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzamz_5.4.0.1/rzamzcreateidentifierassociations.htm

84 lines
6.4 KiB
HTML

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="task" />
<meta name="DC.Title" content="Create identifier associations" />
<meta name="DC.Relation" scheme="URI" content="rzamzconfigssomgtcentral.htm" />
<meta name="DC.Relation" scheme="URI" content="rzamzcreateeimidentifiers.htm" />
<meta name="DC.Relation" scheme="URI" content="rzamzconfigurethemanagementcentral.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzamzcreateidentifierassociations" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Create identifier associations</title>
</head>
<body id="rzamzcreateidentifierassociations"><a name="rzamzcreateidentifierassociations"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Create identifier associations</h1>
<div><div class="section"><p>You need to create a source association and a target association
between each EIM identifier and the user profiles on each endpoint system
and also on the central system, <span class="uicontrol">iSeriesMC1</span>. You need
to perform this step for each user that you want to be able to access resources
through the central system. Although you could use policy associations, you
choose not to, thereby avoiding the risk of unintentionally granting asset
authority to users inappropriately. After you complete this step, each user
has one EIM identifier that is associated with each of their user profiles
on the endpoint systems. These associations allow the user to participate
in your single signon environment. Perform the following steps to create the
associations:</p>
</div>
<ol><li><span>Create the <strong>source</strong> association:</span><ol type="a"><li class="substepexpand"><span>Using <span class="keyword">iSeries™ Navigator</span> on
the PC, select the central system, <span class="uicontrol">iSeriesMC1</span>, and
expand <span class="uicontrol">Network--&gt;Enterprise Identity Mapping--&gt;Domain Management</span>.</span></li>
<li class="substepexpand"><span>Expand <samp class="codeph">MyCoEimDomain</samp> and select <span class="uicontrol">Identifiers</span>.
A list of identifiers displays in the right pane.</span></li>
<li class="substepexpand"><span>Right-click <samp class="codeph">Amanda Jones</samp> and select <span class="uicontrol">Properties</span>.</span></li>
<li class="substepexpand"><span>On the <span class="uicontrol">Associations</span> tab, click <span class="uicontrol">Add</span>.</span></li>
<li class="substepexpand"><span>On the <span class="uicontrol">Add Association</span> page, click <span class="uicontrol">Browse...</span> next
to the <span class="uicontrol">Registry</span> field, and select the registry definition
for the endpoint system registry that contains the user profile that you want
to associate with the <samp class="codeph">Amanda Jones</samp> identifier. </span> For
this example, you want to create an association between the EIM identifier, <samp class="codeph">Amanda
Jones</samp>, and the user profile <samp class="codeph">AMJONES</samp> on endpoint
system <span class="uicontrol">iSeries A</span>.</li>
<li class="substepexpand"><span>In the <span class="uicontrol">User</span> field, enter the user profile <samp class="codeph">AMJONES</samp>.</span></li>
<li class="substepexpand"><span>In the <span class="uicontrol">Association type</span> field, select <span class="uicontrol">Source</span> and
click <span class="uicontrol">OK</span>. The association is added to the list of associations
on the <span class="uicontrol">Associations</span> tab.</span></li>
</ol>
</li>
<li><span>Create the <strong>target</strong> association:</span><ol type="a"><li><span>On the <span class="uicontrol">Associations</span> tab of the <span class="uicontrol">EIM
Identifiers</span> page, click <span class="uicontrol">Add</span></span></li>
<li><span>On the <span class="uicontrol">Add Association</span> page, click <span class="uicontrol">Browse...</span> and
select the registry name for <span class="uicontrol">iSeries A</span>.</span></li>
<li><span>In the <span class="uicontrol">User</span> field, enter the user profile <samp class="codeph">AMJONES</samp>.</span></li>
<li><span></span></li>
</ol>
</li>
</ol>
<div class="section">Repeat these steps for each endpoint system and each EIM identifier
that you want to create associations for. When you are finished, click <span class="uicontrol">OK</span> on
the <span class="uicontrol">EIM Identifiers Properties</span> dialog.</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzamzconfigssomgtcentral.htm" title="View this scenario to learn how to configure your Management Central servers to participate in a single signon environment. After administrators complete the scenario for propagating a single signon configuration across multiple systems, they can do the necessary configuration so that their Management Central servers can participate in the single signon environment.">Scenario: Configure the Management Central servers for single signon</a></div>
<div class="previouslink"><strong>Previous topic:</strong> <a href="rzamzcreateeimidentifiers.htm">Create EIM identifiers</a></div>
<div class="nextlink"><strong>Next topic:</strong> <a href="rzamzconfigurethemanagementcentral.htm">Configure the Management Central servers to use network authentication service</a></div>
</div>
</div>
</body>
</html>