Enabling registries to participate in lookup operations and to use policy associations

To use policy associations for a registry, you must enable their use for that registry as well as enable that registry to participate in lookup operations.

EIM allows you to control how each registry participates in EIM. Because a policy association can have a large scale effect within an enterprise, you can control whether a registry can be affected by policy associations. Also, you can control whether a registry can participate in mapping lookup operations at all.

To enable registries to use policy associations and participate in lookup operations, complete the following procedures:

To enable the MYCO.COM registry to participate in mapping lookup operations, follow these steps:

  1. From IBM® Navigator for i on System A, expand IBM i Management > Security > All Tasks > Enterprise Identity Mapping.
  2. Click Domain Management.
  3. You must connect to the domain before you can perform actions in it. If you are not already connected to the domain controller, right-click MyCoEimDomain and select Connect then provide the following information and click OK.
    • User type: Distinguished name
    • Distinguished name: cn=administrator
    • Password: mycopwd
  4. Right-click MyCoEimDomain and select Open.
  5. Right-click User Registries and select Open.
  6. Right-click the MYCO.COM registry and select Mapping Policy.
  7. On the General page, select Enable mapping lookups for registry MYCO.COM, and click OK.

To enable the SYSTEMA.MYCO.COM registry to participate in mapping lookup operations and to use policy associations, follow these steps:

  1. From IBM Navigator for i on System A, expand IBM i Management > Security > All Tasks > Enterprise Identity Mapping
  2. Click Domain Management.
  3. Right-click MyCoEimDomain and select Open.
  4. Right-click User Registries and select Open.
  5. Right-click the SYSTEMA.MYCO.COM registry and select Mapping Policy.
  6. On the General page, select Enable mapping lookups for registry SYSTEMA.MYCO.COM, select Use policy associations, and click OK.

Repeat these steps to enable the SYSTEMB.MYCO.COM registry to participate in mapping lookup operations and to use policy associations, but on the General page, select Enable mapping lookups for registry SYSTEMB.MYCO.COM, select Use policy associations, and click OK.

Now that you have completed the EIM configuration for your registries and users, you should test the resulting mappings to ensure that they work as planned.