Enterprise Identity Mapping setup requirements for eServer™

 

To implement Enterprise Identity Mapping (EIM) successfully, meet three requirements: enterprise or network level, system, and application.

 

Enterprise or network level requirements

You must configure one system in your enterprise or network to act as an EIM domain controller, which is a specially configured Lightweight Directory Access Protocol (LDAP) server that stores and provides EIM domain data. There are a number of considerations for choosing which directory services product to use as a domain controller, including the fact that not all LDAP server products provide EIM domain controller support.

Another consideration is the availability of administration tools. One option is that you can use the EIM APIs in your own applications to perform administrative functions. If you plan to use the Directory Server for iSeries™ (LDAP) product as the EIM domain controller, you can use iSeries Navigator to manage EIM. If you plan to use the IBM® Directory product, you can use the eimadmin utility that is part of the V1R4 LDAP SPE.

The following information provides basic information about which IBM platforms provide a directory server product that supports EIM. You can find more detailed information about choosing a directory server to provide EIM domain controller support in Plan an EIM domain controller.

 

System and application requirements

Each system that participates in an EIM domain must meet the following requirements:

Each application that will participate in an EIM domain must be able to use the EIM APIs to perform mapping lookup and other operations.

In the case of a distributed application, it may not be necessary that both the server side and the client side be able to use the EIM APIs. Typically, only the server side of the application may need to use the EIM APIs. The following table provides information about the EIM support that the

e(logo)server platforms provide. Information is organized by platform with columns that indicate the following:

A platform does not have to be able to serve as an EIM domain controller to participate in an EIM domain.

Table 1. eServer EIM support
Platform EIM client (API support) Domain controller EIM administration tools
AIX® on pSeries® AIX R5.2 IBM Directory V5.1 Not available
Linux®

  • SLES8 on PPC64

  • Red Hat 7.3 on i386

  • SLES7 on zSeries®
Download one of these:

IBM Directory V5.1 Not available
i5/OS® on System i™ OS/400® V5R2 and i5/OS V5R3 or later OS/400 V5R2 and i5/OS V5R3 or later Directory Server iSeries Navigator V5R2 and V5R3 or later
Windows® 2000 on xSeries® Download one of these:

  • IBM Directory V4.1 client

  • IBM Directory V5.1 client
IBM Directory V5.1 client Not available
z/OS® on zSeries z/OS V1R4 LDAP SPE OW57137 z/OS V1R4 LDAP V1R4 LDAP SPE OW57137

For more information about the IBM Directory Server product see the IBM Web product Web site at http://www-3.ibm.com/software/network/help-directory/

As long as a platform provides EIM client (API) support that system can participate in an EIM domain. It is not necessary that a platform provide EIM domain controller support unless you want to use that particular platform as the EIM domain controller for your enterprise.

After you have verified that all the EIM requirements are met, you can begin to identify needed skills, roles, and authorities for configuring EIM.

 

Parent topic:

Planning Enterprise Identity Mapping for eServer