Testing EIM identity mappings

Now that you have created all the associations that you need, you must verify that EIM mapping lookup operations return the correct results based on the configured associations.

1. In IBM® Navigator for i on System A, expand IBM i Management > Security > All Tasks > Enterprise Identity Mapping.
2. Click Domain Management.
3. You must connect to the domain before you can perform actions in it. If you are not already connected to the domain controller, right-click MyCoEimDomain and select Connect then provide the following information and click OK.
   • User type: Distinguished name
   • Distinguished name: cn=administrator
   • Password: mycopwd
4. Right-click MyCoEimDomain and select Test a mapping.
5. In the Test a mapping dialog box, specify or Browse to select the following information:
   • Source registry: MYCO.COM
   • Source user: jday
   • Target registry: SYSTEMA.MYCO.COM
6. Click Test.
   Results will display in the Mapping found portion of the page, as follows:

   For these fields	See these results
   Target user	JOHND
   Origin	EIM Identifier: John Day

7. Click Close.
8. Repeat these steps but select SYSTEMB.MYCO.COM for the Target registry field.
   Results are displayed in the Mapping found portion of the page, as follows:

   For these fields	See these results
   Target user	DAYJO
   Origin	EIM Identifier: John Day

   Test mappings for Sharon Jones

   To test the mappings used for the individual associations for Sharon Jones, follow these steps:

9. In IBM Navigator for i on System A, expand IBM i Management > Security > All Tasks > Enterprise Identity Mapping.
10. Click Domain Management.
11. You must connect to the domain before you can perform actions in it. If you are not already connected to the domain controller, right-click MyCoEimDomain and select Connect then provide the following information and click OK.
    • User type: Distinguished name
    • Distinguished name: cn=administrator
    • Password: mycopwd
12. Right-click MyCoEimDomain and select Test a mapping.
13. In the Test a mapping dialog box, specify or Browse to select the following information:
    • Source registry: MYCO.COM
    • Source user: sjones
    • Target registry: SYSTEMA.MYCO.COM
14. Click Test.
    Results will display in the Mapping found portion of the page, as follows:

    For these fields	See these results
    Target user	SHARONJ
    Origin	EIM Identifier: Sharon Jones

15. Click Close.
16. Repeat steps 1 to 15 but select SYSTEMB.MYCO.COM for the Target registry field.
    Results are displayed in the Mapping found portion of the page, as follows:

    For these fields	See these results
    Target user	JONESSH
    Origin	EIM Identifier: Sharon Jones

    Test mappings used for default registry policy associations

    To test that mappings work as expected for the users in the Order Receiving Department, as based on the policy associations that you defined, follow these steps:

17. In IBM Navigator for i on System A, expand IBM i Management > Security > All Tasks > Enterprise Identity Mapping.
18. Click Domain Management.
19. You must connect to the domain before you can perform actions in it. If you are not already connected to the domain controller, right-click MyCoEimDomain and select Connect then provide the following information and click OK.
    • User type: Distinguished name
    • Distinguished name: cn=administrator
    • Password: mycopwd
20. Right-click MyCoEimDomain and select Test a mapping.
21. On the Test a mapping dialog box, specify or click Browse to select the following information, and click Test:
    1. Source registry: MYCO.COM
    2. Source user: mmiller
    3. Target registry: SYSTEMA.MYCO.COM

       Results are displayed in the Mapping found portion of the page, as follows:

       For these fields	See these results
       Target user	SYSUSERA
       Origin	Registry policy association

22. Click Close.