Skip to main content

Windows-based Single Signon and the EIM Framework on the IBM eServer iSeries Server

An IBM Redbooks publication

Note: This is publication is now archived. For reference only.


Published on 23 April 2004, updated 23 April 2004

  1. .PDF (5.4 MB)

Share this page:   

ISBN-10: 0738498998
ISBN-13: 9780738498997
IBM Form #: SG24-6975-00

Authors: Gary Lakner, Gregory Bobak, Jan Cifka, Kim Greene, Axel Lachmann, John Taylor and Craig Wayman

    menu icon


    Support for a Kerberos based Network Authentication Service and the introduction of Enterprise Identity Mapping (EIM) were exciting OS/400® V5R2 announcements during 2002.

    A Kerberos based Network Authentication Service enables the iSeries (and any kerberized application) to use a Kerberos ticket for authentication instead of a user ID and password. This enables you to sign on once in the morning to your Kerberos based security server and not be prompted again when accessing your enabled applications. This is called Single Signon (SSO).

    Enterprise Identity Mapping (EIM) is a cross platform solution that involves a wide range of technologies including Kerberos, LDAP, and Kerberos Network Authentication Service. Basically, EIM is a framework provided by IBM that allows the mapping of authenticated users to OS/400 (and application) userids. This extends the power of SSO to the enterprise.

    Because the iSeries is well known as a server that can consolidate a wide range of application programming environments into one manageable system, this IBM Redbooks publication, then, studies the implementation of Kerberos and EIM in a SCON environment that includes OS/400, Windows, and applications that are right now being updated to support the new framework. We provide easy to follow examples that demonstrate all the pieces working together.

    Table of Contents

    Part 1. Introduction to single signon and Enterprise Identity Mapping

    Chapter 1. An overview of single signon

    Chapter 2. Planning for Network Authentication Service and Enterprise Identity Mapping implementation

    Chapter 3. The redbook example scenario

    Part 2. Building blocks for single signon and Enterprise Identity Mapping

    Chapter 4. Kerberos Network Authentication

    Chapter 5. iSeries Network Authentication Service

    Chapter 6. Enterprise Identity Mapping

    Part 3. Installation and configuration

    Chapter 7. Enabling Network Authentication Service and Enterprise Identity Mapping

    Chapter 8. Other scenarios

    Chapter 9. Programming APIs and examples

    Part 4. Appendices

    Appendix A. Backup and recovery

    Appendix B. Troubleshooting

    Appendix C. Windows 2000 Kerberos tools

    Appendix D. Planning forms

    Appendix E. Available EIM products

    Appendix F. Java code listings and output examples

    Appendix G. Additional material


    Others who read this also read