Enterprise Identity Mapping

Enterprise Identity Mapping (EIM) for the IBM® i platform is the IBM i implementation of an IBM infrastructure that allows administrators and application developers to solve the problem of managing multiple user registries across their enterprise.

Most network enterprises face the problem of multiple user registries, which require each person or entity within the enterprise to have a user identity in each registry. The need for multiple user registries quickly grows into a large administrative problem that affects users, administrators, and application developers. EIM enables inexpensive solutions for easier management of multiple user registries and user identities in your enterprise.

EIM allows you to create a system of identity mappings, called associations, between the various user identities in various user registries for a person in your enterprise. EIM also provides a common set of APIs that can be used across platforms to develop applications that can use the identity mappings that you create to look up the relationships between user identities. In addition, you can use EIM in conjunction with network authentication service, the IBM i implementation of Kerberos, to provide a single sign-on environment.

You can configure and manage EIM through IBM Navigator for i, the IBM i graphical user interface. The IBM i platform uses EIM to enable IBM i interfaces to authenticate users by means of network authentication service. Applications, as well as IBM i, can accept Kerberos tickets and use EIM to find the user profile that represents the same person as the Kerberos ticket represents.

To learn more about how EIM works, about EIM concepts, and about how you can use EIM in your enterprise review the following: