Preparing to configure the LDAP directoryDetermine which Lightweight Directory Access Protocol (LDAP) attributes you want to use as the identifiers for IBM Connections users.
Before you beginEnsure that you have installed a supported LDAP directory. For more information about supported LDAP directories, see the IBM Connections detailed system requirements topic.
About this taskTo prepare to configure your LDAP directory with IBM WAS...
- Identify LDAP attributes to use for the following roles. If no corresponding attribute exists, create one. You can use an attribute for multiple purposes. For example, you can use the mail attribute to perform the login and messaging tasks.
The cn LDAP attribute is used to display a person's name in the product user interface. Ensure that the value you use in the cn attribute is suitable for use as a display name.
Determine which attribute or attributes you want people to be able to use to log in to IBM Connections. For example: uid. See Choosing log in values for important considerations when deciding which attributes to use.
Note: The login name must be unique in the LDAP directory.
(Optional.) Determine which attribute to use to define the email address of a person. The email address must be unique in the LDAP directory. If a person does not have an email address and does not have an LDAP attribute that represents the email address, that person cannot receive notifications.
Global unique identifier (GUID)
Determine which attribute to use as the unique identifier of each person and group in the organization. This value must be unique across the organization. For more information, see the Specify the global ID attribute for users and groups topic.
- Collect the following information about your LDAP directory before configuring it for WAS:
- Directory Type. Identifies and selects a directory service from the available vendors and versions.
- Primary host name
- Bind distinguished name
- Bind password
- Certificate mapping
- Certificate filter, if applicable.
- LDAP entity types or classes. Identifies and selects LDAP object classes. For example, select the LDAP inetOrgPerson object class for the Person Account entity, or the LDAP groupOfUniqueNames object class for the Group entity.
- Search base. Identifies and selects the distinguished name (DN) of the LDAP subtree as the search scope. For example, select o=ibm.com to allow all directory objects underneath this subtree node to be searched. For example: Group, OrgContainer, PersonAccount, or inetOrgPerson.
Choosing login values
Determine which LDAP attribute or attributes you to use to log in to IBM Connections.
Specify the global ID attribute for users and groups
Determine which attribute to use as the unique identifier of each person and group in the organization. This value must be unique across the organization.
Specify a custom ID attribute for users or groups
Specify custom global unique ID attributes to identify users and groups in the LDAP directory.
Parent topicPre-installation tasks
Install IBM WAS
Setting up federated repositories
Populating the Profiles database
IBM Connections system requirements