Enterprise Identity Mapping

Enterprise Identity Mapping (EIM) for the System i® platform is the i5/OS implementation of an IBM® infrastructure that allows administrators and application developers to solve the problem of managing multiple user registries across their enterprise.

Most network enterprises face the problem of multiple user registries, which require each person or entity within the enterprise to have a user identity in each registry. The need for multiple user registries quickly grows into a large administrative problem that affects users, administrators, and application developers. EIM enables inexpensive solutions for easier management of multiple user registries and user identities in your enterprise.

EIM allows you to create a system of identity mappings, called associations, between the various user identities in various user registries for a person in your enterprise. EIM also provides a common set of APIs that can be used across platforms to develop applications that can use the identity mappings that you create to look up the relationships between user identities. In addition, you can use EIM in conjunction with network authentication service, the i5/OS implementation of Kerberos, to provide a single sign-on environment.

You can configure and manage EIM through System i Navigator, the System i graphical user interface. The System i platform uses EIM to enable i5/OS interfaces to authenticate users by means of network authentication service. Applications, as well as i5/OS, can accept Kerberos tickets and use EIM to find the user profile that represents the same person as the Kerberos ticket represents.

To learn more about how EIM works, about EIM concepts, and about how you can use EIM in your enterprise review the following: