WAS v8.5 > Secure applications > Authenticate users > Select a registry or repository > Configure LDAP user registries > Locating user group memberships in a LDAP registryConfigure dynamic and nested group support for the SunONE or iPlanet Directory Server
Configure dynamic and nested groups to simplify WebSphere Application Server security management and increase its effectiveness and flexibility.
To use dynamic and nested groups with WAS security, you must be running WAS v6.1 or later. Refer to Dynamic groups and nested group support for LDAP for more information on this topic.
- In the dmgr console for WAS, click Security > Global security.
- Under User account repository, click the Available realm definitions drop-down list, select Standalone LDAP registry, and click Configure.
- Select SunONE for the type of LDAP server.
- Select the Ignore case for authorization option.
- Under Additional Properties, click Advanced LDAP user registry settings.
- Change the Group filter setting to &(cn=%v)(objectclass=ldapsubentry)).
- Change the Group member ID map setting to nsRole:nsRole.
- Click Apply or OK to validate the changes.
Related concepts:
Standalone LDAP registries
Related
Configure LDAP user registries
Locating user group memberships in a LDAP registry
Configure dynamic and nested group support for the IBM Tivoli Directory Server
Use specific directory servers as the LDAP server