friedkiwi/ibm-information-center
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
14ed2849c6
ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzau4_5.4.0.1/wpadmindomprop.htm

253 lines
18 KiB
HTML
Raw Blame History

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="task" />
<meta name="DC.Title" content="Manage EIM domain properties" />
<meta name="abstract" content="Enterprise Identity Mapping (EIM) registration and identity mapping allows users to register with the EIM domain server and manage their identity mappings online." />
<meta name="description" content="Enterprise Identity Mapping (EIM) registration and identity mapping allows users to register with the EIM domain server and manage their identity mappings online." />
<meta name="DC.Relation" scheme="URI" content="wpadmin.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2004, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2004, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="wpadmindomprop" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Manage EIM domain properties</title>
</head>
<body id="wpadmindomprop"><a name="wpadmindomprop"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Manage EIM domain properties</h1>
<div><p>Enterprise Identity Mapping (EIM) registration and identity mapping
allows users to register with the EIM domain server and manage their identity
mappings online.</p>
<div class="section"><div class="note"><span class="notetitle">Note:</span> Before you enable EIM registration and identity mapping, see <a href="wpovereim.htm">Interaction with an Enterprise Identity Mapping server</a> for
information on how the IBM<sup>®</sup> Welcome Page V1.1 application uses EIM and any limitations
of EIM integration in the application. EIM is not available on <span class="keyword">iSeries™</span> servers
that run <span class="keyword">OS/400<sup>®</sup></span> V5R1. If
EIM is not available on your <span class="keyword">iSeries server</span>,
a tab for EIM administration does not appear in the IBM Welcome Page V1.1 application. Additionally,
make sure that you have all the necessary PTFs applied to your server to use
EIM in V5R2. See <a href="wpinstallprereq.htm">Verify the prerequisites</a> for
more information.</div>
<p>For more information on EIM properties and adding
aliases see:</p>
<ul><li><a href="#eim">Modify EIM domain properties</a></li>
<li><a href="#alias1">Add your aliases to user registries</a></li>
<li><a href="#alias2">Add aliases to other system or application user registries</a></li>
</ul>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="wpadmin.htm" title="This topic provides administrative information for administrators of the IBM Welcome Page V1.1 application. Information includes how to administer application entries and application properties.">Administer IBM Welcome Page V1.1</a></div>
</div>
</div><div class="nested1" xml:lang="en-us" id="eim"><a name="eim"><!-- --></a><h2 class="topictitle2">Modify EIM domain properties</h2>
<div><div class="section">To modify EIM domain properties, use the IBM Welcome Page V1.1 administrator pages.
Perform the following steps:</div>
<ol><li class="stepexpand"><span>Make sure that EIM is set up and started on your <span class="keyword">iSeries server</span>.</span></li>
<li class="stepexpand"><span>Access the IBM Survey Creator application by entering the following
URL in your Web browser:</span> <pre>http://<em>your.server.name:port</em>/ibm-bizApps/welcome/admin.do</pre>
<p>where <em>your.server.name</em> is the name of the server where IBM Welcome Page is installed and <em>port</em> is
the port number that was specified during installation.</p>
</li>
<li class="stepexpand"><span>To modify EIM domain properties, you must log in as the application
administrator.</span></li>
<li class="stepexpand"><span>You can modify the following EIM domain properties:</span> <ul><li><span class="uicontrol">Name</span></li>
<li><span class="uicontrol">Parent DN</span></li>
<li><span class="uicontrol">Administrator DN:</span> Specify the distinguished name
(DN) value of an administrator to the EIM repository.</li>
<li><span class="uicontrol">Administrator password:</span> Specify the password for
the EIM administrator.</li>
</ul>
</li>
<li class="stepexpand"><span>Click <span class="uicontrol">Save Properties</span> or <span class="uicontrol">Delete
Properties</span>, depending on what you want to modify.</span></li>
</ol>
</div>
</div>
<div class="nested1" xml:lang="en-us" id="alias1"><a name="alias1"><!-- --></a><h2 class="topictitle2">Add your aliases to user registries</h2>
<div><div class="section"><p>After the EIM properties have been modified, you must use <span class="keyword">iSeries Navigator</span> to set up and administer
EIM domain servers. You must add aliases to user registries that are defined
for the EIM domain. Aliases provide the information that applications need
to map an abstract user registry to a system host name, port, and authentication
method.</p>
<p>Perform the following steps to add an alias to set up the system
user registry for business application users:</p>
</div>
<ol><li class="stepexpand"><span>Start <span class="keyword">iSeries Navigator</span>.</span></li>
<li class="stepexpand"><span>Expand <span class="uicontrol">Domain Management</span>.</span></li>
<li class="stepexpand"><span>Expand the name of the EIM domain you want to manage.</span></li>
<li class="stepexpand"><span>If necessary, enter the DN and password for your domain's administrator,
and click <span class="uicontrol">OK</span>.</span></li>
<li class="stepexpand"><span>Click <span class="uicontrol">User Registries</span>.</span> A list
of registries appear in the right panel.</li>
<li class="stepexpand"><span>In the <span class="uicontrol">Enterprise Identity Mapping tasks</span> panel,
click <span class="uicontrol">Add a new system registry</span>.</span> <div class="note"><span class="notetitle">Note:</span> If
the task panel is not visible, go to the top menu, click <span class="uicontrol">View</span>,
and select <span class="uicontrol">Taskpad</span>. There should now be a check mark
next to Taskpad, and the task area should be visible.</div>
</li>
<li class="stepexpand"><span>In the <span class="uicontrol">Add System Registry</span> window, perform
the following steps:</span><ol type="a"><li class="substepexpand"><span>In the <span class="uicontrol">Registry</span> field, specify a name
for the new registry.</span></li>
<li class="substepexpand"><span>In the <span class="uicontrol">Type</span> field, select <span class="uicontrol">LDAP</span>.</span></li>
<li class="substepexpand"><span>In the <span class="uicontrol">Alias</span> field, specify the hostname
and TCP/IP port number that the directory server uses and that the applications
are configured to use.</span> For example, if they are configured to use
the directory server at server.rchland.ibm.com port 388, enter <samp class="codeph">host=server.rchland.ibm.com,
port=388</samp> as the alias. <p>There are several properties that business
applications observe in a user registry alias:</p>
<ul><li><span class="uicontrol">host</span> - This is the TCP/IP host name or IP address
for this user registry. Business applications may use this value if they need
to communicate with the system. For example, IBM Telephone Directory uses this value
to validate user requests to add identity mappings (or associations) to their
EIM identifier. There is no default value for this setting. For example, <samp class="codeph">host=server.rchland.ibm.com</samp>.</li>
<li><span class="uicontrol">protocol</span> - This is the protocol used to communicate
with the system. Valid values are ldap and ftp where the default value is
ldap. See <span class="uicontrol">host</span> for details. For example, <samp class="codeph">protocol=ftp</samp>.</li>
<li><span class="uicontrol">port</span> - This is the TCP/IP port number used to communicate
with the system. Valid values range between 1 and 65535. The default value
is 389 if the ldap protocol is used, or 20 if the ftp protocol is used. See <span class="uicontrol">host</span> for
details. For example, <samp class="codeph">port=388</samp></li>
<li><span class="uicontrol">os400-sys</span> - This is the os400-sys attribute value
used to access <span class="keyword">OS/400</span> objects
as entries within an LDAP-accessible directory tree. Business applications
may use this value to access <span class="keyword">OS/400</span> user
profiles that are projected as entries within a directory tree. This value
is only used if the ldap protocol is used to communicate with an <span class="keyword">OS/400</span> system. The default value is
the same as that specified for host (required). For example, <samp class="codeph">os400-sys=system-A.rchland.ibm.com</samp></li>
<li><span class="uicontrol">readonly</span> - This indicates that the user registry
is only to be used to read or obtain information. If specified, business applications
may use or display identity mappings (or association) mapped to this user
registry, but they may not add new identity mappings or remove/modify any
existing identity mapping. This setting is disabled by default. For example, <samp class="codeph">readonly</samp></li>
<li><strong>Notes:</strong><ul><li>Property names and values are not case sensitive.</li>
<li>If multiple properties are specified, they must be separated by a comma
(',').</li>
<li>Properties may only be specified once, per alias. (No duplicates.)</li>
<li>Only one type IBS alias is allowed, per user registry.</li>
<li>Business applications look specifically for user registries with a type
IBS alias. Those without a type IBS alias are ignored.</li>
<li>Alias types are case sensitive. IBS must be specified with all upper case
letters.</li>
</ul>
</li>
</ul>
</li>
<li class="substepexpand"><span>Under the <span class="uicontrol">Address aliases</span> heading, in
the <span class="uicontrol">Type</span> field, specify <span class="uicontrol">IBS</span> (and
overwrite anything that may already be shown or selected).</span></li>
<li class="substepexpand"><span>Click <span class="uicontrol">Add</span>.</span></li>
<li class="substepexpand"><span>Click <span class="uicontrol">OK</span>.</span></li>
</ol>
</li>
</ol>
</div>
</div>
<div class="nested1" xml:lang="en-us" id="alias2"><a name="alias2"><!-- --></a><h2 class="topictitle2">Add aliases to other system or application user registries</h2>
<div><div class="section">Perform the following steps to add an alias to set up other system
or application user registries:</div>
<ol><li class="stepexpand"><span>Start <span class="keyword">iSeries Navigator</span>.</span></li>
<li class="stepexpand"><span>Expand <span class="uicontrol">Domain Management</span>.</span></li>
<li class="stepexpand"><span>Expand the name of the EIM domain you want to manage.</span></li>
<li class="stepexpand"><span>If necessary, enter the DN and password for your domain's administrator,
and click <span class="uicontrol">OK</span>.</span></li>
<li class="stepexpand"><span>Click <span class="uicontrol">User Registries</span>.</span> A list
of registries appear in the right panel.</li>
<li class="stepexpand"><span>In the <span class="uicontrol">Enterprise Identity Mapping tasks panel</span>,
click <span class="uicontrol">Add a new system registry</span> to add a new system
user registry, or <span class="uicontrol">Add a new application registry</span> to
add a new application user registry.</span> <div class="note"><span class="notetitle">Note:</span> If the task panel is
not visible, go to the top menu, click View, and select Taskpad. There should
now be a check mark next to Taskpad, and the task area should be visible.</div>
</li>
<li class="stepexpand"><span>In the <span class="uicontrol">Add System Registry</span> window or <span class="uicontrol">Add
Application Registry</span> window, perform the following steps:</span><ol type="a"><li class="substepexpand"><span>In the <span class="uicontrol">Registry</span> field, specify a name
for the new registry.</span></li>
<li class="substepexpand"><span>If you are using the <span class="uicontrol">Add System Registry wizard</span>,
skip to step <a href="#alias2__typefield">7.c</a>.</span> If you are
using the <span class="uicontrol">Add Application Registry wizard</span>, in the <span class="uicontrol">Parent
registry</span> field, specify the name of the system user registry of
which this application user registry is a subset.</li>
<li class="substepexpand" id="alias2__typefield"><a name="alias2__typefield"><!-- --></a><span>In the <span class="uicontrol">Type</span> field, select
the type of user registry definition that you want to add.</span> You
may choose a predefined type, or enter a value that meets your needs.</li>
<li class="substepexpand"><span>In the <span class="uicontrol">Alias</span> field, specify the properties
that business applications must use in the event they need to communicate
with the system.</span> See explanation of alias properties for details.<p>There
are several properties that applications observe in a user registry alias:</p>
<ul><li><span class="uicontrol">host</span> - This is the TCP/IP host name or IP address
for this user registry. Business applications may use this value if they need
to communicate with the system. For example, IBM Telephone Directory uses this value
to validate user requests to add identity mappings (or associations) to their
EIM identifier. There is no default value for this setting. For example, <samp class="codeph">host=server.rchland.ibm.com</samp>. </li>
<li><span class="uicontrol">protocol</span> - This is the protocol used to communicate
with the system. Valid values are ldap and ftp where the default value is
ldap. See <span class="uicontrol">host</span> for details. For example, <samp class="codeph">protocol=ftp</samp></li>
<li><span class="uicontrol">port</span> - This is the TCP/IP port number used to communicate
with the system. Valid values range between 1 and 65535. The default value
is 389 if the ldap protocol is used, or 20 if the ftp protocol is used. See <span class="uicontrol">host</span> for
details. For example, <samp class="codeph">port=388</samp></li>
<li><span class="uicontrol">os400-sys</span> - This is the os400-sys attribute value
used to access <span class="keyword">OS/400</span> objects
as entries within an LDAP-accessible directory tree. Business applications
may use this value to access <span class="keyword">OS/400</span> user
profiles that are projected as entries within a directory tree. This value
is only used if the ldap protocol is used to communicate with an <span class="keyword">OS/400</span> system. The default value is
the same as that specified for host (required). For example, <samp class="codeph">os400-sys=system-A.rchland.ibm.com</samp></li>
<li><span class="uicontrol">readonly</span> - This indicates that the user registry
is only to be used to read or obtain information. If specified, business applications
may use or display identity mappings (or association) mapped to this user
registry, but they may not add new identity mappings or remove/modify any
existing identity mapping. This setting is disabled by default. For example, <samp class="codeph">readonly</samp>. </li>
<li><strong>Notes:</strong><ul><li>Property names and values are not case sensitive.</li>
<li>If multiple properties are specified, they must be separated by a comma
(',').</li>
<li>Properties may only be specified once, per alias. (No duplicates.)</li>
<li>Only one type IBS alias is allowed, per user registry.</li>
<li>Business applications look specifically for user registries with a type
IBS alias. Those without a type IBS alias are ignored.</li>
<li>Alias types are case sensitive. IBS must be specified with all upper case
letters.</li>
</ul>
</li>
</ul>
</li>
<li class="substepexpand"><span>Under the <span class="uicontrol">Address aliases</span> heading, in
the <span class="uicontrol">Type</span> field, specify <span class="uicontrol">IBS</span> (and
overwrite anything that may already be shown or selected).</span></li>
<li class="substepexpand"><span>Click <span class="uicontrol">Add</span>.</span></li>
<li class="substepexpand"><span>Click <span class="uicontrol">OK</span>.</span></li>
</ol>
</li>
</ol>
<div class="section"><p>You should now see your new registry in the list of system registries.
This registry represents the directory server used by the applications. The
alias you added to it allows the Web applications to identify it.</p>
<p>You
may now add other registries that represent other servers. If you add a similar
alias, the IBM Telephone
Directory V5.2 application recognizes it and allows users to self-register
their personal identities for those servers.</p>
<p>Currently, the IBM Telephone
Directory V5.2 application is the only business application that uses EIM
properties. It uses EIM properties to provide automatic EIM registration and
self-management of user identities. See <a href="../rzaty/itdadmineim.htm">Set up EIM registration and identity mapping</a> in the <em>IBM Telephone
Directory V5.2</em> topic for more information.</p>
</div>
</div>
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink