Set up Active Directory Application Mode

IBM WebSphere Portal has been tested to support Microsoft Active Directory Application Mode. See the WebSphere Portal requirements for supported versions. You must perform special configuration steps to enable Active Directory Application Mode to work with WebSphere Portal. Use the following topics as a guide to configuring the directory server. This topic includes the following sections:

 

Before you begin

Active Directory Application Mode should be installed and configured before you install WebSphere Portal.

 

Create a new user as the portal administrator

Use the following steps as a guide if the portal administrative user does not exist in the directory:

Active Directory Application Mode limits the user account name (for example, uid or cn) to 20 characters. If you create a user whose account name is longer than 20 characters, you will receive the following error:

EJPSG0015E: Data Backend Problem com.ibm.websphere.wmm.exception.WMMSystemException: 
The following Naming Exception occurred during processing: 
"javax.naming.NamingException: [LDAP: error code 80 - 00000523: SysErr: DSID-031A0B4C, problem 22 (Invalid argument), data 0]; 
remaining name 'cn=yournamefirstname_lastname,dc=yourco'; resolved object com.sun.jndi.ldap.LdapCtx@6b9c4ac9".

  1. Use the Windows administrative tools to create a new user to be the first portal administrative user.

  2. Set the password for the new portal administrative user you created.

  3. Activate the portal administrative user account using the Windows administrative tools.

    To enable a user, set the msDS-UserAccountDisabled attribute to false.

  4. Use the installation program to install WebSphere Portal. Enter the attributes specific to the Active Directory Application Mode settings.

 

Example of the Active Directory Application Mode structure

The following schema is an example for Active Directory Application Mode and is referenced throughout the documentation for consistency. It is designed to help you determine the appropriate values when configuring WebSphere Portal to work with your specific directory layout. The values shown match the default values for this LDAP. If you have an existing schema that varies from this example, replace the example values with the values from your schema. For instance, cn is shown as the group prefix; replace cn with the group prefix for your schema.

IBM Directory Server Structure

  • LDAP suffix="dc=yourco,dc=com"

  • user prefix="uid"

  • user suffix="cn=users"

  • group prefix="cn"

  • group suffix="cn=groups"

  • Portal administrator DN="uid=wpsadmin,cn=users,dc=yourco,dc=com"

  • Portal administrator group="cn=wpsadmins,cn=groups,dc=yourco,dc=com"
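The 20-character account name limit and the example layout above can be checked before an account is created, so that the LDAP error code 80 failure shown earlier never reaches the directory. The following Python sketch is an added example, not IBM or Microsoft code; the function names split_dn, rdn_value and check_account_dn are hypothetical, and it assumes single-valued RDNs written with RFC 4514 backslash escapes.

```python
import re

MAX_ACCOUNT_NAME = 20                    # limit this page states for uid or cn
USER_PREFIX = "uid"                      # from the example structure on this page
USER_BASE = "cn=users,dc=yourco,dc=com"  # user suffix + LDAP suffix from this page
_ESC = re.compile(rb"\\([0-9A-Fa-f]{2}|.)")


def split_dn(dn):
    """Split a DN into RDN strings on commas that are not backslash-escaped."""
    parts, current, i = [], "", 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            current, i = current + dn[i:i + 2], i + 2   # keep escape with its character
        elif dn[i] == ",":
            parts.append(current.lstrip())
            current, i = "", i + 1
        else:
            current, i = current + dn[i], i + 1
    return parts + [current.lstrip()]


def rdn_value(rdn):
    """Return (attribute, value) with \\2C and \\, style escapes decoded; single-valued RDN."""
    attr, sep, raw = rdn.partition("=")
    if not sep:
        raise ValueError(f"not an RDN: {rdn!r}")
    data = _ESC.sub(lambda m: bytes([int(m[1], 16)]) if len(m[1]) == 2 else m[1],
                    raw.encode("utf-8"))
    return attr.strip().lower(), data.decode("utf-8")


def check_account_dn(dn, prefix=USER_PREFIX, base=USER_BASE):
    """Return a list of problems; an empty list means the DN passes."""
    rdns = split_dn(dn)
    attr, value = rdn_value(rdns[0])
    problems = []
    if attr != prefix.lower():
        problems.append(f"RDN attribute is {attr!r}, expected {prefix!r}")
    if len(value) > MAX_ACCOUNT_NAME:
        problems.append(f"account name is {len(value)} characters, limit is {MAX_ACCOUNT_NAME}")
    if [r.lower() for r in rdns[1:]] != [r.lower() for r in split_dn(base)]:
        problems.append(f"entry is not directly under {base!r}")
    return problems


if __name__ == "__main__":
    for dn in ("uid=wpsadmin,cn=users,dc=yourco,dc=com", "cn=yournamefirstname_lastname,dc=yourco"):
        print(dn, "->", check_account_dn(dn) or "OK")
```

The second DN in the demo is the one from the error message above; it is reported as 26 characters long. Pass your own prefix and base if your schema differs from the example structure.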

 
