Now that you finished this scenario, the only EIM user you have defined that EIM can use is the DN for the LDAP administrator. The LDAP administrator DN that you specified for the system user on System A has a high level of authority to all data on the directory server. Therefore, you might consider creating one or more DNs as additional users that have more appropriate and limited access control for EIM data. The number of additional EIM users that you define depends on your security policy's emphasis on the separation of security duties and responsibilities. Typically, you might create at least the two following types of DNs:
This EIM administrator DN provides the appropriate level of authority for an administrator who is responsible for managing the EIM domain. This EIM administrator DN could be used to connect to the domain controller when managing all aspects of the EIM domain by means of iSeries™ Navigator.
To use this new DN for the system user instead of the LDAP administrator DN, change the EIM configuration properties for each system. For this scenario, you need to change the EIM configuration properties for any System i™ model you setup. See to learn how to change the system user DN.