friedkiwi/ibm-information-center
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
6290434003
ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzalv_5.4.0.1/rzalvcrtregistrypolicy.htm

115 lines
7.5 KiB
HTML
Raw Blame History

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="task" />
<meta name="DC.Title" content="Create a default registry policy association" />
<meta name="DC.Relation" scheme="URI" content="rzalvcrtpolassoc.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2002, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2002, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzalvcrtregistrypolicy" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Create a default registry policy association</title>
</head>
<body id="rzalvcrtregistrypolicy"><a name="rzalvcrtregistrypolicy"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Create a default registry policy association</h1>
<div><div class="section"><p>To create a <a href="rzalv_registry_policy.htm#rzalv_registry_policy">default
registry policy association</a>, you must be connected to the Enterprise
Identity Mapping (EIM) domain in which you want to work and you
must have <a href="rzalveservereimauths.htm#rzalveservereimauths">EIM access control</a> at
one of these levels: </p>
<ul><li>EIM administrator</li>
<li>Registry administrator</li>
</ul>
<div class="note"><span class="notetitle">Note:</span> A policy association describes a relationship between multiple
user identities and a single user identity in a target user registry. You
can use a policy association to describe a relationship between a source set
of multiple user identities and a single target user identity in a specified
target user registry. Policy associations use EIM mapping policy support to
create many-to-one mappings between user identities without involving an EIM
identifier. <p>Because you can use policy associations in a variety of overlapping
ways, you need to have a thorough understanding of EIM <a href="rzalv_map_pol_support.htm#rzalv_map_pol_support">mapping
policy support</a> before you create and use policy associations. Also,
to prevent potential problems with associations and how they map identities,
you need to <a href="rzalv_id_map_plan.htm#id_map_plan">develop
an overall identity mapping plan</a> for your enterprise before you begin
defining associations. </p>
</div>
<p>In a default registry policy association,
all users in a single registry are the source of the policy association and
are mapped to a single target registry and target user. When you enable the
default registry policy association for the target registry, the policy association
ensures that these source user identities can all be mapped to a single specified
target registry and target user. </p>
<p>To create a default registry policy
association, complete these steps:</p>
</div>
<ol><li class="stepexpand"><span>Expand <span class="uicontrol">Network &gt; Enterprise Identity Mapping &gt; Domain
Management</span>. </span></li>
<li class="stepexpand"><span>Select the EIM domain in which you want to work. </span> <ul><li>If the EIM domain you want to work with is not listed under <span class="uicontrol">Domain
Management</span>, see <a href="rzalvadmindomainadd.htm#rzalvadmindomainadd">Add an EIM domain to the Domain Management folder</a>.</li>
<li>If you are not currently connected to the EIM domain in which you want
to work, see <a href="rzalvadmindomaincon.htm#rzalvadmindomaincon"> Connect
to the EIM domain controller</a>. </li>
</ul>
</li>
<li class="stepexpand"><span>Select <span class="uicontrol">Enable mapping lookups using policy associations
for domain</span> on the <kbd class="userinput">General</kbd> page.</span></li>
<li class="stepexpand"><span>Select <span class="uicontrol">Enable mapping lookups using policy associations
for domain</span> on the <kbd class="userinput">General</kbd> page.</span></li>
<li class="stepexpand"><span>In the <span class="uicontrol">Add Default Registry Policy Association</span> dialog,
specify the following required information: </span> <ul><li>The registry definition name of the <span class="uicontrol">Source registry</span> for
the policy association. </li>
<li>The registry definition name of the <span class="uicontrol">Target registry</span> for
the policy association.</li>
<li>The user identity name of the <span class="uicontrol">Target user</span> for the
policy association.</li>
</ul>
</li>
<li class="stepexpand"><span>Click <span class="uicontrol">Help</span>, if necessary, for more details
about how to complete this and subsequent dialogs.</span></li>
<li class="stepexpand"><span>Optional. Click <span class="uicontrol">Advanced...</span> to display the <span class="uicontrol">Add
Association - Advanced</span> dialog. Specify <span class="uicontrol">lookup information</span> for
the policy association and click <span class="uicontrol">OK</span> to return to the <span class="uicontrol">Add
Default Registry Policy Association</span> dialog.</span> If two
or more policy associations with the same source registry refer to the same
target registry, you must define unique <a href="rzalvlookupinfodef.htm#lookup_info_def">lookup
information</a> for each of the target user identities in these policy
associations. By defining lookup information for each target user identity
in this situation, you ensure that mapping lookup operations can distinguish
between them. Otherwise, mapping lookup operations may return multiple target
user identities. As a result of these ambiguous results, applications that
rely on EIM may not be able to determine the exact target identity to use. </li>
<li class="stepexpand"><span>Click <span class="uicontrol">OK</span> to create the new policy association
and return to the <span class="uicontrol">Registry</span> page. The new default registry
policy association now displays in <span class="uicontrol">Default policy associations</span>.</span></li>
<li class="stepexpand"><span>Verify that the new policy association is enabled for the target
registry.</span></li>
<li class="stepexpand"><span>Click <span class="uicontrol">OK</span> to save your changes and exit the <span class="uicontrol">Mapping
Policy</span> dialog.</span> <div class="note"><span class="notetitle">Note:</span> <a href="rzalvenablepoliciesforregistry.htm#enable_policies_for_registry">Verify
that mapping policy support and the use of policy associations for target
user registry are properly enabled</a>. If it is not enabled, the policy
association can not take effect.</div>
</li>
</ol>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzalvcrtpolassoc.htm">Create a policy association</a></div>
</div>
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink