Creating a default registry policy association
To create a default registry policy association, you must be connected to the Enterprise Identity Mapping (EIM) domain in which you want to work and you must have EIM access control as either a Registry administrator or EIM administrator.
A policy association describes a relationship between multiple user identities and a single user identity in a target user registry. You can use a policy association to describe a relationship between a source set of multiple user identities and a single target user identity in a specified target user registry. Policy associations use EIM mapping policy support to create many-to-one mappings between user identities without involving an EIM identifier.
In a default registry policy association, all users in a single registry are the source of the policy association and are mapped to a single target registry and target user. When you enable the default registry policy association for the target registry, the policy association ensures that these source user identities can all be mapped to a single specified target registry and target user.
To create a default registry policy association, complete these steps:
- From IBM® Navigator for i, expand .
- Click Domain Management.
- If you are not currently connected to the EIM domain controller, a Connect to EIM Domain Controller dialog box is displayed. Enter the connection information to use for the connection to the EIM domain controller. Click OK
- Right-click the EIM domain in which you want to work and select Mapping Policy.
- On the General page, select Enable mapping lookups using policy associations for domain.
- In the Add Default Registry Policy Association dialog,
specify the following required information:
- The registry definition name of the Source registry for the policy association.
- The registry definition name of the Target registry for the policy association.
- The user identity name of the Target user for the policy association.
- Optional. Click Advanced to display
the Add Association - Advanced dialog. Specify lookup
information for the policy association and click OK to
return to the Add Default Registry Policy Association dialog.
If two or more policy associations with the same source registry refer to the same target registry, you must define unique lookup information for each of the target user identities in these policy associations. By defining lookup information for each target user identity in this situation, you ensure that mapping lookup operations can distinguish between them. Otherwise, mapping lookup operations may return multiple target user identities. As a result of these ambiguous results, applications that rely on EIM may not be able to determine the exact target identity to use.
- Click OK to create the new policy association and return to the Registry page. The new default registry policy association now displays in Default policy associations.
- Verify that the new policy association is enabled for the target registry.
- Click OK to save your changes and
exit the Mapping Policy dialog. Note: Verify that mapping policy support and the use of policy associations for target user registry are properly enabled. If it is not enabled, the policy association can not take effect.