Set supported entity types in a federated repository configuration



Overview

Configure supported entity types first before managing accounts with Users and Groups

Predefined entity types include...

You cannot add or delete supported entity types.

The Base entry for the default parent determines the repository location where entities of the specified type are placed on write operations by user and group management.

To manage users and groups, click Users and Groups Click either Manage Users or Manage Groups.

 

Procedure

  1. In the admin console, click...

      Security | Global security

  2. Under User account repository, select Federated repositories from the Available realm definitions field and click Configure.

  3. Click Supported entity types to view a list of predefined entity types.

  4. Click the name of a predefined entity type to change its configuration.

  5. Supply the distinguished name of a base entry in the repository in the Base entry for the default parent field.

    This entry determines the default location in the repository where entities of this type are placed on write operations by user and group management.

  6. Supply the relative distinguished name (RDN) properties...

      Group cn
      PersonAccount uid
      cn
      OrgContainer o
      ou
      dc
      cn

    Delimit multiple properties for the OrgContainer entity with a semicolon (;).

    Requirements and limitations...

    Microsoft Active Directory Unless you modify the LDAP schema to use uid, specify cn in the RDN properties field for the PersonAccount entity type.

    SSL communications must be enabled to create users with passwords.

    User generally is specified as the value for the PersonAccount entity type.

    Group generally is specified as the value for the Group entity type.

    Lotus Domino Enterprise Server cn is generally specified in the RDN properties field for the PersonAccount entity type. The value of uid is also acceptable.

    Both inetOrgPerson and dominoPerson typically are used for PersonAccount.

    Sun ONE Directory Server groupOfUniqueNames is generally specified as the value for the Group entity type.

  7. Click OK.

 

Results

After completing these steps, the federated repository configuration, which uses supported entity types, is configured.

 

Next steps

  1. After configuring the federated repositories, click Security > Global security to return to the Global security panel. Verify that Federated repositories is identified in the Current realm definition field. If Federated repositories is not identified, select Federated repositories from the Available realm definitions field and click Set as current. To verify the federated repositories configuration, click Apply on the Global security panel. If Federated repositories is not identified in the Current realm definition field, the federated repositories configuration is not used by WAS.

  2. If enabling security, complete the remaining steps as specified in Enable security for the realm. As the final step, validate this setup by clicking Apply on the Global security panel.

  3. Save, stop, and restart all WAS servers (dmgrs, nodes, and Application Servers) for changes in this panel to take effect. If the server comes up without any problems, the setup is correct.


Supported entity types collection
Supported entity types settings