friedkiwi/ibm-information-center
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
8826eae394
ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzakh_5.4.0.1/rzakhssoscenario_createidentifierassociations2.htm

110 lines
7.5 KiB
HTML
Raw Blame History

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="task" />
<meta name="DC.Title" content="Create identifier associations for Sharon Jones" />
<meta name="DC.Relation" scheme="URI" content="rzakhscen2.htm" />
<meta name="DC.Relation" scheme="URI" content="rzakhssoscenario_createidentifierassociations.htm" />
<meta name="DC.Relation" scheme="URI" content="rzakhssoscenario_createfegistrypolicy.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzakhssoscenario_createidentifierassociations2" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Create identifier associations for Sharon Jones</title>
</head>
<body id="rzakhssoscenario_createidentifierassociations2"><a name="rzakhssoscenario_createidentifierassociations2"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Create identifier associations for Sharon Jones</h1>
<div><div class="section">You must create the appropriate associations between the EIM identifier,
Sharon Jones, and the user identities that the person represented by the identifier
uses. These associations, when properly configured, enable the user to participate
in a single signon environment.<div class="p">In this scenario, you need to create one
source association and two target associations for the Sharon Jones identifier:<ul><li>A source association for the sjones Kerberos principal, which is the user
identity that Sharon Jones, the person, uses to log in to Windows<sup>®</sup> and
the network. The source association allows the Kerberos principal to be mapped
to another user identity as defined in a corresponding target association.</li>
<li>A target association for the SHARONJ i5/OS™ user profile, which is the user identity
that Sharon Jones, the person, uses to log in to iSeries™ Navigator and other i5/OS applications
on iSeries A.
The target association specifies that a mapping lookup operation can map to
this user identity from another one as defined in a source association for
the same identifier.</li>
<li>A target association for the JONESSH i5/OS user profile, which is the user identity
that Sharon Jones, the person, uses to log in to iSeries Navigator and other i5/OS applications
on iSeries B.
The target association specifies that a mapping lookup operation can map to
this user identity from another one as defined in a source association for
the same identifier.</li>
</ul>
</div>
<p>Use the information from your planning work sheets to create the
associations:</p>
<p>To create the source association for Sharon Jones' Kerberos
principal, follow these steps:</p>
</div>
<ol><li class="stepexpand"><span>On iSeries A,
expand <span class="menucascade"><span class="uicontrol">Network</span> &gt; <span class="uicontrol">Enterprise Identity
Mapping</span> &gt; <span class="uicontrol">Domain Management</span> &gt; <span class="uicontrol">MyCoEimDomain</span> &gt; <span class="uicontrol">Identifiers</span></span>.</span></li>
<li class="stepexpand"><span>Right-click <span class="uicontrol">Sharon Jones</span> and select <span class="uicontrol">Properties</span>.</span></li>
<li class="stepexpand"><span>On the <span class="uicontrol">Associations</span> page, click <span class="uicontrol">Add</span>.</span></li>
<li class="stepexpand"><span>On the <span class="uicontrol">Add Association</span> dialog box, specify
or <span class="uicontrol">Browse...</span> to select the following information, and
click <span class="uicontrol">OK</span>:</span><ol type="a"><li><span><span class="uicontrol">Registry</span>: <tt>MYCO.COM</tt></span></li>
<li><span><span class="uicontrol">User</span>: <tt>sjones</tt></span></li>
<li><span><span class="uicontrol">Association type</span>: <tt>Source</tt></span></li>
</ol>
</li>
<li class="stepexpand"><span>Click <span class="uicontrol">OK</span> to close the <span class="uicontrol">Add Associations</span> dialog
box.</span> <p>To create a target association to Sharon Jones' i5/OS user profile
on iSeries A,
follow these steps:</p>
</li>
<li class="stepexpand"><span>On the <span class="uicontrol">Associations</span> page, click <span class="uicontrol">Add</span>.</span></li>
<li class="stepexpand"><span>On the <span class="uicontrol">Add Association</span> dialog box, specify
or <span class="uicontrol">Browse...</span> to select the following information, and
click <span class="uicontrol">OK</span>:</span><ol type="a"><li><span><span class="uicontrol">Registry</span>: <tt>ISERIESA.MYCO.COM</tt></span></li>
<li><span><span class="uicontrol">User</span>: <tt>SHARONJ</tt></span></li>
<li><span><span class="uicontrol">Association type</span>: <tt>Target</tt></span></li>
</ol>
</li>
<li class="stepexpand"><span>Click <span class="uicontrol">OK</span> to close the <span class="uicontrol">Add Associations</span> dialog
box.</span> <p>To create a target association to Sharon Jones' i5/OS user profile
on iSeries B,
follow these steps:</p>
</li>
<li class="stepexpand"><span>On the <span class="uicontrol">Associations</span> page, click <span class="uicontrol">Add</span>.</span></li>
<li class="stepexpand"><span>On the <span class="uicontrol">Add Association</span> dialog box, specify
or <span class="uicontrol">Browse...</span> to select the following information, and
click <span class="uicontrol">OK</span>:</span><ol type="a"><li><span><span class="uicontrol">Registry</span>: <tt>ISERIESB.MYCO.COM</tt></span></li>
<li><span><span class="uicontrol">User</span>: <tt>JONESSH</tt></span></li>
<li><span><span class="uicontrol">Association type</span>: <tt>Target</tt></span></li>
</ol>
</li>
<li class="stepexpand"><span>Click <span class="uicontrol">OK</span> to close the <span class="uicontrol">Add Associations</span> dialog
box.</span></li>
<li class="stepexpand"><span>Click <span class="uicontrol">OK</span> to close the <span class="uicontrol">Properties</span> dialog
box.</span></li>
</ol>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzakhscen2.htm" title="Use the following scenario to become familiar with the prerequisites and objectives for enabling single signon for i5/OS.">Scenario: Enable single signon for i5/OS</a></div>
<div class="previouslink"><strong>Previous topic:</strong> <a href="rzakhssoscenario_createidentifierassociations.htm">Create identifier associations for John Day</a></div>
<div class="nextlink"><strong>Next topic:</strong> <a href="rzakhssoscenario_createfegistrypolicy.htm">Create default registry policy associations</a></div>
</div>
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink