Hi Jochem,
After importing eem.register.app.xml you should have about 14 policies in the APM application in EEM UI.
Is this is not the case, maybe something went wrong when you import the safex script.
Some policies are needed for both Introscope and CEM
Specific for Introscope are Domain,Server, Webservices and Access Policy,
Here is a KB that cover the initial configuration steps:
How to implement CA EEM and LDAP for Authenticatio - CA Knowledge
You might want to refer to this page in docops:
Securing Introscope using CA EEM - CA Application Performance Management - 10.7 - CA Technologies Documentation
If your plan is to use EEM for authentication and authorization, then keep in mind that you will need to migrate your domains-agent permissions in domains.xml as Domain Policies in EEM , I wrote a how to doc in the past, so I have upload it to this location
How to migrate LOCAL custom domains and security to EEM.pdf
For ATC, the authorization is different, you will need to grant permissions by universes as indicated in this provided KB
Read-only users get error about APM Team Center un - CA Knowledge
I hope this helps
Regards,
Sergio