Creating EIM identifier association

Identifier associations define a relationship between an Enterprise Identity Mapping (EIM) identifier and a user identity in your enterprise for the person or entity to whom the EIM identifier refers.

You can create three types of identifier association: target, source, and administrative. To prevent potential problems with associations and how they map identities, review Developing an identity mapping plan .

To create an identifier association, you must be connected to the EIM domain in which you want to work and you must have the EIM access control required by the type of association that you want to create.

To create a source or an administrative association, you must have EIM access control at one of these levels:

  • Identifier administrator.
  • EIM administrator.
To create a target association, you must have EIM access control at one of these levels:
  • Registry administrator.
  • Administrator for selected registries (for the registry definition that refers to the user registry that contains the target user identity)
  • EIM administrator.

To create an identifier association, complete these steps:

  1. From IBM® Navigator for i, expand Security > All Tasks > Enterprise Identity Mapping.
  2. Click Domain Management.
  3. Right-click the EIM domain in which you want to work and select Open.
  4. Right-click Identifiers and select Open to display the list of EIM identifiers for the domain.
  5. Right-click the EIM identifier for which you want to create an association and select Properties...
  6. Select the Associations page and click Add....
  7. In the Add Association dialog, provide information to define the association, as follows:
    • The name of the registry that contains the user identity that you want to associate with the EIM identifier. Specify the exact name of an existing registry definition or browse to select one.
    • The name of the user identity that you want to associate with the EIM identifier.
    • The type of association. You can create one of three different types of associations:
      • Administrative
      • Source
      • Target
  8. Click ? for help, if necessary, to determine what information to specify for each field.
  9. Optional. For a target association, click Advanced... to display the Add Association - Advanced dialog. Specify lookup information for the target user identity and click OK to return to the Add Association dialog.
  10. After you provide the required information, click OK to create the association.