Configure the LDAP people directory provider

IBM BPM, V8.0.1, All platforms > Install IBM BPM > IBM BPM Advanced for z/OS: Process Server > Configure IBM BPM Advanced for z/OS: Process Server > Configure components > Configure optional components > Configure Business Process Choreographer > Configure the people directory provider
Configure the LDAP people directory provider

You configure the Lightweight Directory Access Protocol (LDAP) people directory provider so that Business Process Choreographer can perform people assignment, which determines who can start processes or claim activities or tasks.

To configure LDAP, you must have planning for it, as described in Plan for the people directory provider.

The LDAP people directory provider configuration is initialized with a URL that points to a local LDAP server. You must change the URL later, to point to the actual LDAP server, which is normally remote to the application server. The LDAP people directory provider is configured for an LDAP server that allows anonymous access.

Procedure

Make a copy of the standard transformation file for LDAP, and give it another name, for example, myLDAPTransformation.xsl. The standard XSL transformation for LDAP is located in INSTALL_ROOT/ProcessChoreographer/Staff/LDAPTransformation.xsl.
Adapt the copy of the transformation file to suit the schema for your organization, as described in Adapting the LDAP transformation file.
CAUTION:
Do not modify the original version of the transformation file because it can be overwritten without warning when you apply a service pack or fix pack.
If Business Process Choreographer is configured on a cluster, place the copy of the transformation file in the ProcessChoreographer/Staff directory to make it available on each Process Server installation that hosts members of the cluster.
In the administrative console, click Resources > People directory provider.
Select the appropriate node from the following list:

Option Description

For a standalone profile Only one node is displayed.
In a ND environment, where Business Process Choreographer is configured on one server Select the node that contains the server.
In a ND environment, where Business Process Choreographer is configured on a cluster You must configure the people directory provider (perform step 6) on every node that hosts members of the cluster. Select the first node, configure the people directory provider on that node, then repeat the configuration (step 6) for all of the other nodes that host members of the cluster.

Create a new LDAP configuration on the selected node:

Click LDAP People Directory Provider.
Under Additional Properties, click People directory configuration.
Click New > Browse, and select the copy of the Extensible Stylesheet Language (XSL) transformation file that you adapted in step 2. If the node agent is running, you can browse the file system of remote nodes to select the file.
Click Next to copy the file to the ProcessChoreographer\Staff directory on the selected node.
Enter an administrative name for the new people directory configuration, and optionally, a description
Enter a unique Java™ Naming and Directory Interface (JNDI) name for human tasks to use to reference this provider.
For example, bpe/staff/ldapserver1
Click Apply, then click Custom Properties.
For each of the required properties and for any optional properties that you planned in 2, click the name of the property, enter a value, and click OK. For the optional additional properties, you can set properties that are defined for JNDI, for example to enable LDAP referrals, create an additional property named java.naming.referral with the value follow.
For providerURL, you can specify a URL that starts with ldap:// or ldaps://. If you have multiple LDAP servers that contain mirrored data for high availability, enter the URLs for the LDAP servers, using the space character to separate them.
To apply the changes, click Save.

To activate the provider configuration, stop and start the server or servers where you configured the provider.

Results
Human tasks and processes can now use the people assignment services to resolve people assignment queries and to determine which activities can be performed by which people.

Adapting the LDAP transformation file
Describes how to adapt the LDAP transformation XSL file to suit your organization's LDAP schema.

Configure the people directory provider

Option	Description
For a standalone profile	Only one node is displayed.
In a ND environment, where Business Process Choreographer is configured on one server	Select the node that contains the server.
In a ND environment, where Business Process Choreographer is configured on a cluster	You must configure the people directory provider (perform step 6) on every node that hosts members of the cluster. Select the first node, configure the people directory provider on that node, then repeat the configuration (step 6) for all of the other nodes that host members of the cluster.