Creating and joining a new local domain
When you use the EIM Configuration wizard to create and join a new domain, you can choose to configure the EIM domain controller on the local system as part of creating your EIM configuration.
If necessary, the EIM Configuration wizard ensures that you provide basic configuration information for the directory server. Also, if Kerberos is not currently configured on the IBM® i platform, the wizard prompts you to launch the Network Authentication Service Configuration wizard.
- Create a new EIM domain.
- Configure the local directory server to act as the EIM domain controller.
- Configure network authentication service for the system.
- Create EIM registry definitions for the local IBM i registry and the Kerberos registry.
- Configure the system to participate in the new EIM domain.
To configure your system to create and join a new EIM domain, you must have all the following special authorities:
- Security administrator (*SECADM).
- All object (*ALLOBJ).
- System configuration (*IOSYSCFG).
To use the EIM Configuration wizard to create and join a new local domain, complete these steps:
Finalize your EIM configuration for the domain
Additionally, you might want to use Secure Sockets Layer (SSL) or Transport Layer Security (TLS) to configure a secure connection to the EIM domain controller to protect the transmission of EIM data. If you enable SSL for the directory server, you must update EIM configuration properties to specify that the IBM i platform uses a secure SSL connection. Also, you must update the properties for the domain to specify that EIM uses SSL connections for managing the domain through IBM Navigator for i.