friedkiwi/ibm-information-center
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
6290434003
ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzamz_5.4.0.1/rzamzcreateidentifierassociationsforjohnday.htm

109 lines
8.0 KiB
HTML
Raw Blame History

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="task" />
<meta name="DC.Title" content="Create identifier associations for John Day" />
<meta name="DC.Relation" scheme="URI" content="rzamzenablessoos400.htm" />
<meta name="DC.Relation" scheme="URI" content="rzamzcreateeimidentifiersfortwoadministratorsjohndayandsharonjones.htm" />
<meta name="DC.Relation" scheme="URI" content="rzamzcreateidentifierassociationsforsharonjones.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzamzcreateidentifierassociationsforjohnday" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Create identifier associations for John Day</title>
</head>
<body id="rzamzcreateidentifierassociationsforjohnday"><a name="rzamzcreateidentifierassociationsforjohnday"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Create identifier associations for John Day</h1>
<div><div class="section"><p>You must create the appropriate associations between the EIM identifier,
John Day, and the user identities that the person represented by the identifier
uses. These identifier associations, when properly configured, enable the
user to participate in a single signon environment.</p>
<div class="p">In this scenario,
you need to create one source association and two target associations for
the John Day identifier:<ul><li>A source association for the jday Kerberos principal, which is the user
identity that John Day, the person, uses to log in to Windows<sup>®</sup> and
the network. The source association allows the Kerberos principal to be mapped
to another user identity as defined in a corresponding target association.</li>
<li>A target association for the JOHND <span class="keyword">iSeries™</span> user
profile, which is the user identity that John Day, the person, uses to log
in to <span class="keyword">iSeries</span> and other <span class="keyword">iSeries</span> applications on <span class="keyword">iSeries</span> A.
The target association specifies that a mapping lookup operation can map to
this user identity from another one as defined in a source association for
the same identifier.</li>
<li>A target association for the DAYJO <span class="keyword">iSeries</span> user
profile, which is the user identity that John Day, the person, uses to log
in to <span class="keyword">iSeries Navigator</span> and
other <span class="keyword">iSeries</span> applications
on <span class="keyword">iSeries</span> B. The target association
specifies that a mapping lookup operation can map to this user identity from
another one as defined in a source association for the same identifier.</li>
</ul>
</div>
<p>Use the information from your planning work sheets to create the
associations.</p>
<p><strong>To create the source association for John Day's Kerberos
principal, follow these steps:</strong></p>
</div>
<ol><li class="stepexpand"><span>On <span class="keyword">iSeries</span> A, expand <span class="menucascade"><span class="uicontrol">Network</span> &gt; <span class="uicontrol">Enterprise Identity Mapping</span> &gt; <span class="uicontrol">Domain Management</span> &gt; <span class="uicontrol">MyCoEimDomain</span> &gt; <span class="uicontrol">Identifiers</span></span>.</span></li>
<li class="stepexpand"><span>Right-click <span class="uicontrol">John Day</span> and select <span class="uicontrol">Properties</span>.</span></li>
<li class="stepexpand"><span>On the <span class="uicontrol">Associations</span> page, click <span class="uicontrol">Add</span>.</span></li>
<li class="stepexpand"><span>In the <span class="uicontrol">Add Association</span> dialog, specify or <span class="uicontrol">Browse...</span> to
select the following information, and click <span class="uicontrol">OK</span>.</span> <ul><li><span class="uicontrol">Registry</span>: <tt>MYCO.COM</tt></li>
<li><span class="uicontrol">User</span>:<tt> jday</tt></li>
<li><span class="uicontrol">Association type</span>: <tt>Source</tt></li>
</ul>
</li>
<li class="stepexpand"><span>Click <span class="uicontrol">OK</span> to close the <span class="uicontrol">Add Associations</span> dialog.</span></li>
</ol>
<div class="section"><p></p>
<strong>To create a target association for John Day's <span class="keyword">iSeries</span> user profile on <span class="keyword">iSeries</span> A,
follow these steps:</strong><ol><li>On the <span class="uicontrol">Associations</span> page, click <span class="uicontrol">Add</span>.</li>
<li>In the <span class="uicontrol">Add Association</span> dialog, specify or <span class="uicontrol">Browse...</span> to
select the following information, and click <span class="uicontrol">OK</span>:<ul><li><span class="uicontrol">Registry</span>: <tt>ISERIESA.MYCO.COM</tt></li>
<li><span class="uicontrol">User</span>: <tt>JOHND</tt></li>
<li><span class="uicontrol">Association type</span>: <tt>Target</tt></li>
</ul>
</li>
<li>Click <span class="uicontrol">OK</span> to close the <span class="uicontrol">Add Associations</span> dialog.<p>To
create a target association for John Day's <span class="keyword">iSeries</span> user
profile on <span class="keyword">iSeries</span> B, follow
these steps:</p>
</li>
<li>On the <span class="uicontrol">Associations</span> page, click <span class="uicontrol">Add</span>.</li>
<li>In the <span class="uicontrol">Add Association</span> dialog, specify or <span class="uicontrol">Browse...</span> to
select the following information, and click <span class="uicontrol">OK</span>:<ul><li><span class="uicontrol">Registry</span>: <tt>ISERIESB.MYCO.COM</tt></li>
<li><span class="uicontrol">User</span>: <tt>DAYJO</tt></li>
<li><span class="uicontrol">Association type</span>: <tt>Target</tt></li>
</ul>
</li>
<li>Click <span class="uicontrol">OK</span> to close the <span class="uicontrol">Add Associations</span> dialog.</li>
<li>Click <span class="uicontrol">OK</span> to close the <span class="uicontrol">Properties</span> dialog.</li>
</ol>
<p>Now that you have created the identifier associations that map John
Day's user identities to his EIM identifier, you can create similar associations
for Sharon Jones.</p>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzamzenablessoos400.htm" title="View this scenario to learn how to configure network authentication service and EIM to create a single signon environment across multiple systems in an enterprise. This scenario expands on the concepts and tasks presented in the previous scenario which demonstrates how to create a simple single signon test environment.">Scenario: Enable single signon for i5/OS</a></div>
<div class="previouslink"><strong>Previous topic:</strong> <a href="rzamzcreateeimidentifiersfortwoadministratorsjohndayandsharonjones.htm">Create EIM identifiers for two administrators, John Day and Sharon Jones</a></div>
<div class="nextlink"><strong>Next topic:</strong> <a href="rzamzcreateidentifierassociationsforsharonjones.htm">Create identifier associations for Sharon Jones</a></div>
</div>
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink