Creating identifier associations
You need to create a source association and a target association between each EIM identifier and the user profiles on each endpoint system and also on the central system, System MC1. You need to perform this step for each user that you want to be able to access resources through the central system. Although you could use policy associations, you choose not to, thereby avoiding the risk of unintentionally granting asset authority to users inappropriately. After you complete this step, each user has one EIM identifier that is associated with each of their user profiles on the endpoint systems. These associations allow the user to participate in your single signon environment. Perform the following steps to create the associations:
- Create the source association:
- Using iSeries™ Navigator on the PC, select the central system, System MC1, and expand Network-->Enterprise Identity Mapping-->Domain Management.
- Expand MyCoEimDomain and select Identifiers.
A list of identifiers displays in the right pane.
- Right-click Amanda Jones and select Properties.
- On the Associations tab, click Add.
- On the Add Association page, click Browse... next to the Registry field, and select the registry definition for the endpoint system registry that contains the user profile that you want to associate with the Amanda Jones identifier. For this example, you want to create an association between the EIM identifier, Amanda Jones, and the user profile AMJONES on endpoint system System A.
- In the User field, enter the user profile AMJONES.
- In the Association type field, select Source and click OK. The association is added to the list of associations on the Associations tab.
- Create the target association:
- On the Associations tab of the EIM Identifiers page, click Add
- On the Add Association page, click Browse... and select the registry name for System A.
- In the User field, enter the user profile AMJONES.
-
Repeat these steps for each endpoint system and each EIM identifier that you want to create associations for. When you are finished, click OK on the EIM Identifiers Properties dialog.
Parent topic:
Scenario: Configuring the Management Central servers for single signon