Managing Enterprise Identity Mapping registry definitions
This information explains how to create and manage the Enterprise Identity Mapping (EIM) registry definitions for those user registries in your enterprise that participate in EIM.
To have user registries and the user identities that they contain participate in an EIM domain create registry definitions for them. You can then manage how the user registries and their user identities participate in EIM by managing these EIM registry definitions.
You can perform the following management tasks for registry definitions:
- Adding a system registry definition
To create a system registry definition, be connected to the Enterprise Identity Mapping (EIM) domain in which you want to work and have EIM administrator access control.
- Adding an application registry definition
To create an application registry definition, be connected to the Enterprise Identity Mapping (EIM) domain in which you want to work and have EIM administrator access control.
- Adding a group registry definition
To create a group registry definition, be connected to the EIM domain in which you want to work and have EIM administrator access control.
- Adding an alias to a registry definition
You, or an application developer, may want to specify additional distinguishing information for a registry definition. You can do this by creating an alias for the registry definition. You, or others, can then use the alias for the registry definition to better distinguish one user registry from another.
- Defining a private user registry type in EIM
When you create an Enterprise Identity Mapping (EIM) registry definition you can specify one of a number of predefined user registry types to represent an actual user registry that exists on a system within the enterprise.
- Enabling mapping lookup support and the use of policy associations for a target registry
Enterprise Identity Mapping (EIM) mapping policy support allows you to use policy associations as a means of creating many-to-one mappings in situations where associations between user identities and an EIM identifier do not exist. You can use a policy association to map a source set of multiple user identities (rather than a single user identity) to a single target user identity in a specified target user registry.
- Deleting a registry definition
When you delete a registry definition from an Enterprise Identity Mapping (EIM) domain you do not affect the user registry to which the registry definition refers, but that user registry can no longer participate in the EIM domain.
- Removing an alias from a registry definition
To remove an alias from an Enterprise Identity Mapping (EIM) registry definition, be connected to the EIM domain in which you want to work and have EIM access control as Registry administrator, Administrator for selected registries, or EIM administrator.
- Adding a member to a group registry definition
To add a member to a group registry definition, be connected to the EIM domain in which you want to work and have EIM access control as EIM administrator, Registry administrator, Administrator for selected registries (for both the group registry definition to which you want to add the member and to the individual member that you want to add).
Parent topic:
Managing Enterprise Identity Mapping
Related concepts
Creating a policy association
Related tasks
Deleting a policy association