IBM BPM, V8.0.1, All platforms
Configure LDAP security provider users and groups
To use a standalone Lightweight Directory Access Protocol (LDAP) registry in IBM BPM, you must add the specific users and groups.
IBM recommends that you configure the LDAP security provider using a federated repository (also referred to as virtual member manager).
Restriction: You must search for IBM BPM users by the user ID in stand-alone LDAP user repositories. Searching for users by first or last name is not supported in this configuration.
Procedure
Add the following users and groups to the LDAP security provider. Refer to Adding users and groups for steps and Default users and groups for information about the user categories.
- Add seven default users: one bpmAuthor user and the following six tw_* users:
  - tw_admin
  - tw_author
  - tw_portal_admin
  - tw_runtime_server
  - tw_user
  - tw_webservice

  If you are migrating from an earlier version, the passwords in the LDAP interchange file should match the passwords that were specified in the previous version (for example, the default passwords in version 7.5.0 or the primary admin password in versions 7.5.1 or 8.0).
- Add one primary administrative user.
- Add the TWSecurityProviderUsers group.
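A pre-import check for the procedure above, given as an added example and not IBM's own tooling: it parses an LDAP interchange (LDIF) file, including folded lines and base64 values, and lists which of the required users or the group are absent. The `uid` user attribute, the group object classes, the `dc=example,dc=com` base DN and the `bpm_primary_admin` name are assumptions for illustration.

```python
import base64
# Entries the procedure above requires; the primary admin's name is site-specific.
REQUIRED_USERS = {"bpmAuthor", "tw_admin", "tw_author", "tw_portal_admin",
                  "tw_runtime_server", "tw_user", "tw_webservice"}
REQUIRED_GROUP = "TWSecurityProviderUsers"
GROUP_CLASSES = {"groupofnames", "groupofuniquenames", "group"}  # assumed schema

def parse_ldif(text):
    """Parse LDIF text into a list of {lowercased attribute: [values]} dicts."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:   # folded continuation line
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    entries = []
    for block in "\n".join(l for l in lines if not l.startswith("#")).split("\n\n"):
        entry = {}
        for line in filter(None, block.split("\n")):
            attr, _, value = line.partition(":")
            if value.startswith(":"):       # "attr:: ..." carries a base64 value
                value = base64.b64decode(value[1:].strip()).decode("utf-8")
            entry.setdefault(attr.strip().lower(), []).append(value.strip())
        if entry:
            entries.append(entry)
    return entries

def missing_bpm_entries(ldif_text, primary_admin, user_attr="uid"):
    """Return sorted names the LDIF lacks; an empty list means nothing is missing."""
    entries = parse_ldif(ldif_text)
    users = {v for e in entries for v in e.get(user_attr.lower(), [])}
    groups = {v for e in entries for v in e.get("cn", [])
              if GROUP_CLASSES & {c.lower() for c in e.get("objectclass", [])}}
    missing = (REQUIRED_USERS | {primary_admin}) - users
    if REQUIRED_GROUP not in groups:
        missing.add("group:" + REQUIRED_GROUP)
    return sorted(missing)

# Constructed sample; the base DN and object classes are made up for illustration.
SAMPLE_LDIF = """\
dn: uid=tw_admin,ou=people,dc=example,dc=com
objectClass: inetOrgPerson
uid:: dHdfYWRtaW4=

dn: cn=TWSecurityProviderUsers,ou=groups,
 dc=example,dc=com
objectClass: groupOfNames
cn: TWSecurityProviderUsers
"""
```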
Related information:
Default users and groups