LDAP schema and other considerations for EIM

 

Use this information to learn what is required for the directory server to function with Enterprise Identity Mapping (EIM).

EIM requires that the domain controller be hosted by a directory server that supports Lightweight Directory Access Protocol (LDAP) Version 3. Additionally, the directory server product must be able to accept the EIM schema and understand the following attributes and object classes:

• The ibm-entryUUID attribute.

• The ibmattributetypes:

  • acIEntry

  • acIPropagate

  • acISource

  • entryOwner

  • ownerPropagate

  • ownerSource

• EIM attributes, including three new attributes for policy association support:

  • ibm-eimAdditionalInformation

  • ibm-eimAdminUserAssoc

  • ibm-eimDomainName, ibm-eimDomainVersion,

  • ibm-eimRegistryAliases

  • ibm-eimRegistryEntryName

  • ibm-eimRegistryName

  • ibm-eimRegistryType

  • ibm-eimSourceUserAssoc

  • ibm-eimTargetIdAssoc

  • ibm-eimTargetUserName

  • ibm-eimUserAssoc

  • ibm-eimFilterType

  • ibm-eimFilterValue

  • ibm-eimPolicyStatus

• EIM object classes, including three new classes for policy association support:

  • ibm-eimApplicationRegistry

  • ibm-eimDomain

  • ibm-eimIdentifier

  • ibm-eimRegistry

  • ibm-eimRegistryUser

  • ibm-eimSourceRelationship

  • ibm-eimSystemRegsitry

  • ibm-eimTargetRelationship

  • ibm-eimFilterPolicy

  • ibm-eimDefaultPolicy

  • ibm-eimPolicyListAux

If you currently use the directory server on OS/400^® V5R2 systems as your EIM domain controller update the LDAP schema and EIM support for this directory server so that you can continue to use it to manage i5/OS^® V5R3 or later EIM domain data.

 

Parent topic:

LDAP concepts for EIM

 

Related concepts

EIM domain controller