Creating identifier associations for John Day
You must create the appropriate associations between the EIM identifier, John Day, and the user identities that the person represented by the identifier uses. These identifier associations, when properly configured, enable the user to participate in a single sign-on environment.
In this scenario, you need to create
one source association and two target associations for the John Day
identifier:
- A source association for the jday Kerberos principal, which is the user identity that John Day, the person, uses to log in to Windows and the network. The source association allows the Kerberos principal to be mapped to another user identity as defined in a corresponding target association.
- A target association for the JOHND IBM® i user profile, which is the user identity that John Day, the person, uses to log in to IBM i model and to other IBM i applications on System A. The target association specifies that a mapping lookup operation can map to this user identity from another one as defined in a source association for the same identifier.
- A target association for the DAYJO IBM i user profile, which is the user identity that John Day, the person, uses to log in to IBM Navigator for i and other IBM i applications on System B. The target association specifies that a mapping lookup operation can map to this user identity from another one as defined in a source association for the same identifier.
Use the information from your planning work sheets to create the associations.
To create the source association for John Day's Kerberos principal, follow these steps:
To create a target association for
John Day's IBM i user
profile on System A, follow these steps:
- On the Associations page, click Add.
- In the Add Association dialog box, specify
or Browse to select the following information,
and click OK:
- Registry: SYSTEMA.MYCO.COM
- User: JOHND
- Association type: Target
- Click OK to close the Add Associations dialog box.
To create a target association for John
Day's IBM i user
profile on System B, follow these steps:
- On the Associations page, click Add.
- In the Add Association dialog box, specify
or Browse to select the following information,
and click OK:
- Registry: SYSTEMB.MYCO.COM
- User: DAYJO
- Association type: Target
- Click OK to close the Add Associations dialog box.
- Click OK to close the Properties dialog box.
Now that you have created the identifier associations that map John Day's user identities to his EIM identifier, you can create similar associations for Sharon Jones.