Propagating system settings from the model system (System A) to System B and System C

The Synchronize Functions wizard iniSeries™ Navigator allows you to propagate system settings to multiple endpoint systems within the same system group.

Complete these tasks to propagate the network authentication service and EIM configurations to target systems:

1. In iSeries Navigator, expand Management Central (System MC1) > System Groups.

2. Right-click MyCo system group and select System Values > Synchronize Functions..., and click Next. This will open the Synchronize Functions Wizard.

3. On the Welcome page, review the information about the Synchronize Functions wizard. The Welcome page lists the functions that you can choose to synchronize later in the wizard.

   When you propagate network configuration service and EIM configurations among servers, sensitive information like passwords are sent across the network. You should use SSL to protect this information, especially if it is being sent outside your Local Area Network (LAN). See Scenario: Secure all connections to your Management Central server with SSL for details.

4. On the Model System page, select System A as the model system, and click Next. This model system will be used as a base for synchronizing the network authentication service and EIM configurations to other systems.

5. On the Target Systems and Groups page, select MyCo system group. Click Next.

6. On the What to Update page, select Network Authentication Service (Kerberos) and Enterprise Identity Mapping. Click Verify configuration. After the configuration has been verified, click Next.

   If the verification of EIM does not complete successfully, there may be a problem with the EIM configuration on the model system. If the network authentication service configuration fails, there may be a problem with the network authentication service configuration on the model system.

   To recover from these errors, you need to check the EIM and network authentication service configurations on the model system, fix the configurations, and then return to the beginning of this scenario. Refer to Scenario: Creating a single signon test environment to ensure that all of the single signon configuration tasks on the model system are completed and verified.

7. On the Network Authentication Service page, select i5/OS Kerberos Authentication, enter systema123 in the Password and Confirm password fields, and click Next.

   This password is used for the keytab entry on each target system. If your security policy requires a different password on each system, then you can skip this step. Instead, after you complete this wizard, you can manually add the keytab entries to individual systems and enter a different password for each system.

8. On the Enterprise Identity Mapping page, select the user that the operating system uses when performing EIM operations:

   • User Type: Distinguished name and password

   • Distinguished name: cn=administrator

   • Password: mycopwd

9. On the Summary page, verify that the appropriate settings are listed on this page. Click Finish.

10. In iSeries Navigator, expand Management Central (System MC1) > Task Activity > System Values.

11. Verify that the task has completed successfully.

Parent topic: