security_active_directory.properties
###############################################################################
#
# WebSphere Portal 5.0 parent configuration file for:
# Configuring security with Microsoft Active Directory
#
# NOTE: Do NOT enclose any value in quotes!
# NOTE: Windows paths must use '/', not '\'.
# NOTE: Windows long paths are OK.
# NOTE: Properties are immutable. Once set, they cannot be overridden.
# NOTE: Comments must stay on their own lines; text after a value on the same
#       line becomes part of the value.
# NOTE: The password properties in this file are kept in clear text, and
#       step 5 below (-DSaveParentProperties=true) imports them into
#       wpconfig.properties. Restrict read access to both files, keep filled-in
#       copies out of version control and backups that others can read, and
#       blank the password values again once the configuration tasks are done.
#
###############################################################################

###############################################################################
#
# How to use this file:
#
# 1. Consult InfoCenter for detailed instructions on the properties and tasks
#    listed in this file:
#      Installing> LDAP> Configuring for LDAP> Active Directory
#    (Note the extra steps required for Portal to create and modify users.)
# 2. Edit this file to match your environment
# 3. Start appserver "server1"
#    Stop appserver "WebSphere_Portal"
# 4. Change into the <wp_root>/config directory
# 5. Import the contents of this file into wpconfig.properties:
#    on Windows:
#      WPSconfig -DparentProperties="<full_path_to_this_file>" -DSaveParentProperties=true
#
#    on other platforms
#      ./WPSconfig.sh -DparentProperties=<full_path_to_this_file> -DSaveParentProperties=true
# 6. Test connections to directory:
#    on Windows:
#      WPSconfig validate-ldap
#
#    on other platforms
#      ./WPSconfig.sh validate-ldap
# 7a. If WebSphere Application Server security is enabled, run the following task:
#    on Windows:
#      WPSconfig secure-portal-ldap
#
#    on other platforms
#      ./WPSconfig.sh secure-portal-ldap
# 7b. or if WebSphere Application Server security is NOT enabled, run the following task:
#    on Windows:
#      WPSconfig enable-security-ldap
#
#    on other platforms
#      ./WPSconfig.sh enable-security-ldap
# 8. Stop appserver "server1"
#    Start appserver "server1"
#    Start appserver "WebSphere_Portal"
#
###############################################################################

###############################################################################
# WebSphere Application Server Properties - BEGIN
###############################################################################

# WasUserid: The user ID for WebSphere Application Server security authentication
# (full distinguished name of an existing directory entry)
WasUserid=cn=wpsbind,cn=users,dc=yourco,dc=com

# WasPassword: The password for WebSphere Application Server security authentication (LDAP and CUR)
# Left empty in this template; fill in only for the configuration run.
WasPassword=

# WpsHostName: The name of the WebSphere Portal host
# Note: a fully-qualified hostname is required to set up security and to communicate
#       with the Portal after security is enabled.
WpsHostName=<WpsHostName>

###############################################################################
# WebSphere Application Server Properties - END
###############################################################################

###############################################################################
# Portal Config Properties - BEGIN
###############################################################################

# PortalAdminId: The user ID for the WebSphere Portal Administrator
PortalAdminId=cn=wpsadmin,cn=users,dc=yourco,dc=com

# PortalAdminIdShort: The short WebSphere Portal admin ID
PortalAdminIdShort=wpsadmin

# PortalAdminPwd: The password for the WebSphere Portal Administrator
# Left empty in this template; fill in only for the configuration run.
PortalAdminPwd=

# PortalAdminGroupId: The group ID for the WebSphere Portal Administrator group
# SECURITY: membership of this directory group presumably grants Portal
# administration rights, so control who may edit the group in Active
# Directory - confirm the exact rights in InfoCenter.
PortalAdminGroupId=cn=wpsadmins,cn=groups,dc=yourco,dc=com

# PortalAdminGroupIdShort: The WebSphere Portal admin group ID
PortalAdminGroupIdShort=wpsadmins

###############################################################################
# Portal Config Properties - END
###############################################################################

##################################################################
#
# WebSphere Portal Security Configuration - BEGIN
#
##################################################################

##################################################################
# WebSphere Portal Security LTPA and SSO configuration
##################################################################

# LTPAPassword: Specifies the password to encrypt and decrypt the LTPA keys.
# SECURITY: choose a strong value that is not reused for any of the account
# passwords in this file.
LTPAPassword=

# LTPATimeout: Specifies the time period in minutes at which an LTPA token will expire.
# SECURITY: a shorter lifetime shortens how long a captured token stays
# usable, at the cost of more frequent logins.
LTPATimeout=120

# SSORequiresSSL: Specifies that Single Sign-On function is enabled
#                 only when requests are over HTTPS Secure Socket Layer (SSL) connections.
# SECURITY: false means SSO is not restricted to HTTPS requests, so the LTPA
# token can travel over plain HTTP, where anyone able to observe the traffic
# can reuse it until it expires (see LTPATimeout). Set to true once the
# Portal is reachable over HTTPS.
SSORequiresSSL=false

# SSODomainName: Specifies the domain name (.ibm.com, for example) for all Single Sign-on hosts.
# SECURITY: use the narrowest domain that covers all SSO hosts; presumably the
# SSO cookie is scoped to this domain and therefore sent to every host in
# it - verify.
SSODomainName=<SSODomainName>

##################################################################
# General Global Security Settings
##################################################################
# Description: The values in this section should only be adapted by advanced users

# useDomainQualifiedUserNames: Specifies the user names to qualify with the security domain within which they reside.
useDomainQualifiedUserNames=false

# cacheTimeout: Specifies the timeout value in seconds for security cache.
# NOTE(review): presumably a directory change such as a disabled account or a
# removed group membership can take up to this long to take effect - confirm.
cacheTimeout=600

# issuePermissionWarning: Specifies that when the Issue permission warning is enabled, during application deployment
#                         and application start, the security run time emits a warning if applications are granted any custom permissions.
issuePermissionWarning=true

# activeProtocol: Specifies the active authentication protocol for RMI/IIOP requests when security is enabled.
activeProtocol=BOTH

# activeAuthMechanism: Specifies the active authentication mechanism, when security is enabled.
activeAuthMechanism=LTPA

##################################################################
# LDAP Properties Configuration - BEGIN
##################################################################

# LookAside: To configure LDAP with an additional LookAside Database
#            true  - LDAP + Lookaside database
#            false - only LDAP
LookAside=false

# LDAPHostName: The LDAP server hostname
LDAPHostName=<LDAPHostName>

# LDAPPort: The LDAP server port number
#           For example, 389 for non-SSL or 636 for SSL
# SECURITY: on the non-SSL port with LDAPsslEnabled=false (see Advanced LDAP
# Configuration) the bind DNs and passwords configured in this file cross the
# network unencrypted, and presumably so do the passwords users log in with.
# For production use the SSL port together with LDAPsslEnabled=true.
LDAPPort=389

# LDAPAdminUId: The LDAP administrator ID
# SECURITY: the template value is the built-in domain Administrator account.
# Prefer a dedicated account whose rights are delegated only to the user and
# group containers Portal manages (LDAPUserSuffix / LDAPGroupSuffix) -
# TODO confirm in InfoCenter which rights Portal needs.
LDAPAdminUId=cn=Administrator,cn=Users,dc=yourco,dc=com

# LDAPAdminPwd: The LDAP administrator password
# Left empty in this template; fill in only for the configuration run.
LDAPAdminPwd=

# LDAPServerType: The type of LDAP server to be used for WebSphere Portal
LDAPServerType=ACTIVE_DIRECTORY

# LDAPBindID: The user ID for LDAP Bind authentication
# SECURITY: the template uses the same DN here as for WasUserid, so one
# account and one password serve both purposes. If your setup allows it, a
# separate bind account that can only read the directory limits what a leaked
# bind password exposes - confirm against InfoCenter.
LDAPBindID=cn=wpsbind,cn=users,dc=yourco,dc=com

# LDAPBindPassword: The password for LDAP Bind authentication
# Left empty in this template; fill in only for the configuration run.
LDAPBindPassword=

##################################################################
# LDAP Properties Configuration - END
##################################################################

################################################################
# Advanced LDAP Configuration - BEGIN
################################################################

# LDAPSuffix: The LDAP suffix appropriate for your LDAP server
LDAPSuffix=dc=yourco,dc=com

# LdapUserPrefix: The LDAP user prefix appropriate for your LDAP server
LdapUserPrefix=cn

# LDAPUserSuffix: The LDAP user suffix appropriate for your LDAP server
LDAPUserSuffix=cn=users

# LdapGroupPrefix: The LDAP group prefix appropriate for your LDAP server
LdapGroupPrefix=cn

# LDAPGroupSuffix: The LDAP group suffix appropriate for your LDAP server
LDAPGroupSuffix=cn=groups

# LDAPUserObjectClass: The LDAP user object class appropriate for your LDAP server
LDAPUserObjectClass=user

# LDAPGroupObjectClass: The LDAP group object class appropriate for your LDAP server
LDAPGroupObjectClass=group

# LDAPGroupMember: The LDAP group member attribute name appropriate for your LDAP server
LDAPGroupMember=member

# LDAPUserFilter: The LDAP user filter appropriate for your LDAP server (to work with default values in WMM)
# The filter accepts a match on either cn or samAccountName.
# SECURITY: in Active Directory cn is unique only within its container,
# while samAccountName is unique in the domain. Check that a login name
# cannot match more than one entry under LDAPSuffix; presumably %v stands
# for the name entered at login - confirm.
LDAPUserFilter=(&(|(cn=%v)(samAccountName=%v))(objectclass=user))

# LDAPGroupFilter: The LDAP group filter appropriate for your LDAP server (to work with default values in WMM)
LDAPGroupFilter=(&(cn=%v)(objectclass=group))

# LDAPGroupMinimumAttributes: This attribute is loaded for group search (performance issues)
LDAPGroupMinimumAttributes=

# LDAPUserBaseAttributes: These attributes are loaded for user login (performance issues)
LDAPUserBaseAttributes=givenName,sn,preferredLanguage

# LDAPUserMinimumAttributes: These attributes are loaded for user search (performance issues)
LDAPUserMinimumAttributes=

# LDAPsearchTimeout: Specifies the timeout value in seconds for an LDAP server to respond before aborting a request.
LDAPsearchTimeout=120

# LDAPreuseConnection: Should be set to true by default to reuse the LDAP connection.
#                      { false | true }
LDAPreuseConnection=true

# LDAPIgnoreCase: Specifies that a case insensitive authorization check is performed.
#                 { false | true }
LDAPIgnoreCase=true

# LDAPsslEnabled: Specifies whether secure socket communications is enabled to the LDAP server.
#                 { false | true }
#                 Set to true if configuring LDAP over SSL
# SECURITY: false leaves the directory connection unencrypted (see LDAPPort).
# Active Directory accepts password changes only over an encrypted
# connection, which is presumably part of the "extra steps" mentioned in the
# header for letting Portal create and modify users - confirm in InfoCenter.
LDAPsslEnabled=false

################################################################
# Advanced LDAP Configuration - END
################################################################

# WmmSystemId: The user ID for WMM system identification
#   See LDAP examples below:
#     IBM Directory Server: { uid=<wmmsystemid>,cn=users,dc=yourco,dc=com }
#     Domino:               { cn=<wmmsystemid>,o=yourco.com }
#     Active Directory:     { cn=<wmmsystemid>,cn=users,dc=yourco,dc=com }
#     SunOne:               { uid=<wmmsystemid>,ou=people,o=yourco.com }
#     Novell eDirectory     { uid=<wmmsystemid>,ou=people,o=yourco.com }
WmmSystemId=<wmm_system_id_user>

# WmmSystemIdPassword: The password for WMM system identification
# The value below is a placeholder and must be replaced; it is clear text
# like the other passwords in this file, so handle it the same way.
WmmSystemIdPassword=<wmm_system_id_password>

##################################################################
# LDAP Properties - END
##################################################################

##################################################################
#
# WebSphere Portal Security Configuration - END
#
##################################################################

# WebSphere is a trademark of the IBM Corporation in the United States, other countries, or both.
IBM is a trademark of the IBM Corporation in the United States, other countries, or both.