Planning Enterprise Identity Mapping for i5/OS^®

 

There are multiple technologies and services that Enterprise Identity Mapping (EIM) encompasses on the System i™ platform. Prior to configuring EIM on your server, you should decide what functionality you want to implement by using EIM and single signon capabilities.

Before implementing EIM, you should have decided basic security requirements for your network and have implemented those security measures. EIM provides administrators and users easier identity management throughout the enterprise. When used with network authentication service, EIM provides single signon capabilities for your enterprise.

If you plan on using Kerberos to authenticate users as part of a single signon implementation, you should also configure network authentication service. See Plan network authentication service for information about planning network authentication service and Plan single signon for information about planning a single signon environment.

To learn more about how to plan your systems EIM configuration, review the following information:

• EIM installation prerequisites for System i
  The planning work sheet identifies the services that you should install prior to configuring EIM.

• Installing required iSeries Navigator options
  To enable a single signon environment with Enterprise Identity Mapping (EIM) and network authentication service, install both the Network option and the Security option of iSeries™ Navigator.

• Backup and recovery considerations for EIM
  You need to develop a backup and recovery plan for your Enterprise Identity Mapping (EIM) data to ensure that your EIM data is protected and can be recovered should there ever be a problem with the directory server that hosts the EIM domain controller. There is also important EIM configuration information that understand how to recover.

 

Parent topic:

Planning for Enterprise Identity Mapping