IBM Enterprise Identity Mapping
IBM Enterprise Identity Mapping (EIM) is a framework from IBM that allows the mapping of different identities (user IDs) on various platforms, user repositories and applications to a single identity.
It can be used with a range of authentication mechanisms such as Kerberos (protocol) (e.g. as used by MS Active Directory) to allow one user repository to authenticate the user and for this information to be passed via a secure token to another platform for authorisation even when the User IDs differ. The target platform refers to EIM to obtain the mapping identity for its own repository.
In this way it enables single sign-on. It is sometimes possible to eliminate passwords on the target system.
It is available free of charge on all IBM server platforms including those running z/OS, IBM i, IBM AIX, Linux, PowerLinux and Windows Server plus earlier releases such as i5/OS. In the case of IBM i both EIM and Kerberos authentication are an integral part of the OS.
1. IBM Redbook: Windows-based Single Signon and the EIM Framework on the IBM eServer iSeries Server, ISBN 9780738498997, IBM Form Number SG24-6975-00, Number of pages 316. http://www.redbooks.ibm.com/abstracts/sg246975.html
2. Enterprise Identity Mapping. IBM Knowledge Center. http://www-01.ibm.com/support/knowledgecenter/ssw_ibm_i_72/rzalv/rzalvmst.htm?lang=en