Configure Member Manager

Configure Member Manager
The information on this page explains how to configure Member Manager.
Prerequisite You have configured the WebSphere Commerce database when using customized DNs.
On the WebSphere Commerce machine, open the following file:
WC_profiledir/config/wmm/wmm.xml
WC_installdir /WAS_profiledir/config/wmm/wmm.xml
Replace the DNs within the tags with your DNs. For illustration use the following DNs:

Microsoft Active Directory

Root Organization: dc=domain,dc=ibm,dc=com
Default Organization: cn=users,dc=domain,dc=ibm,dc=com

Other Directory Servers

Root Organization: o=root organization
Default Organization: o=default organization,o=root organization
Search for the tag <supportedMemberType name="Person">
If you use Microsoft Windows Active Directory:

Replace rdnAttrTypes="uid" with rdnAttrTypes="cn"
Replace defaultParentMember="cn=users,dc=yourco,dc=com" your organization. For example, defaultParentMember="cn=users,dc=domain,dc=ibm,dc=com".
If you do not use Microsoft Windows Active Directory replace defaultParentMember="cn=users,dc=yourco,dc=com" in the tag with
defaultParentMember="o=default organization,o=root organization"
Search for the tag <supportedMemberType name="Organization">
If you use Microsoft Windows Active Directory replace defaultParentMember="cn=users,dc=yourco,dc=com" in the tag with
defaultParentMember="dc=domain,dc=ibm,dc=com"
If you do not use Microsoft Windows Active Directory replace defaultParentMember="cn=users,dc=yourco,dc=com" in the tag with
defaultParentMember="o=root organization"
Search for the tag <supportedMemberType name="OrganizationalUnit">
If you use Microsoft Windows Active Directory replace defaultParentMember="cn=users,dc=yourco,dc=com" in the tag with
 defaultParentMember="dc=domain,dc=ibm,dc=com"
If you do not use Microsoft Windows Active Directory replace defaultParentMember="cn=users,dc=yourco,dc=com" in the tag with
defaultParentMember="o=root organization"
Search for the tag <supportedMemberType name="Group">
If you use Microsoft Windows Active Directory replace defaultParentMember="cn=users,dc=yourco,dc=com" in the tag with
 defaultParentMember="dc=domain,dc=ibm,dc=com"
If you do not use Microsoft Windows Active Directory replace defaultParentMember="cn=users,dc=yourco,dc=com" in the tag with
defaultParentMember="o=root organization"
Search for the tag <ldapRepository name="wmmLDAP" and complete the following steps:
Search for the following entries:
adapterClassName=
configurationFile=
Replace the existing text with the text from the following table, based on the LDAP server you are using:
Directory Server Entries
IBM Directory Server V5.1/5.1P
adapterClassName="com.ibm.ws.wmm.ldap.ibmdir.IBMDirectoryAdapter
Impl"
configurationFile="xml/wmmLDAPAttributes_IDS.xml"
IBM Directory Server V5.2
adapterClassName="com.ibm.ws.wmm.ldap.ibmdir.IBMDirectoryAdapter
Impl" 
configurationFile="xml/wmmLDAPAttributes_IDS.xml"
Sun ONE Directory Server 5.0
adapterClassName="com.ibm.ws.wmm.ldap.sunone.SunOneDirectoryAdapter
Impl" 
configurationFile="xml/wmmLDAPAttributes_SO.xml"
IBM Lotus Domino V6 LDAP Services
adapterClassName="com.ibm.ws.wmm.ldap.domino.Domino6LdapAdapter
Impl" 
configurationFile="xml/wmmLDAPAttributes_DM.xml"
Microsoft Windows Active Directory 2000
adapterClassName="com.ibm.ws.wmm.ldap.activedir.ActiveDirectory2003
AdapterImpl" 
configurationFile="xml/wmmLDAPAttributes_AD.xml"
Microsoft Windows Active Directory 2003
adapterClassName="com.ibm.ws.wmm.ldap.activedir.ActiveDirectory2003
AdapterImpl" 
configurationFile="xml/wmmLDAPAttributes_AD.xml

Update the following block with values for your directory server:

adminId="LDAP_admin_ID" 
adminPassword="Encrypted_LDAP_admin_password" 
ldapHost="LDAP_hostname" 
ldapPort="ldap_port"
sslEnabled="SSL_setting"

If you do not use SSL, change the ldapPort to your LDAP server's port, and update the sslEnabled variable. For example
```
 ldapPort="389"
```
```
sslEnabled="false"
```
If you use SSL (SSL is mandatory for Microsoft Active Directory users), change the ldapPort to 636, and update the sslEnabled variable to "true". You must also update the following SSL variables with values that correspond to the truststore file that is storing your LDAP server certificate. For example
```
sslKeyStore="WC_profiledir/etc/DummyServerKeyFile.jks"
sslKeyStorePassword="WebAS"
sslLocalScope="true"
sslTrustStore="WC_profiledir/etc/DummyServerTrustFile.jks"
sslTrustStorePassword="WebAS"
```
You must use the wcs_encrypt utility to generate the encrypted LDAP admin password. Do not specify the merchant key when running this command.

Find the following block:

<nodeMaps>
        <nodeMap node="dc=yourco,dc=com" pluginNode="dc=yourco,dc=com"/>
        <nodeMap node="cn=users,dc=yourco,dc=com" pluginNode="cn=users,dc=yourco,dc=com"/>
        <nodeMap node="cn=groups,dc=yourco,dc=com" pluginNode="cn=groups,dc=yourco,dc=com"/>
</nodeMaps>

Replace the information in this section with the following information. For illustration use the following DNs:

Microsoft Active Directory

Root Organization: dc=domain,dc=ibm,dc=com
Default Organization: cn=users,dc=domain,dc=ibm,dc=com

Other Directory Servers

Root Organization: o=root organization
Default Organization: o=default organization,o=root organization

If you use Microsoft Windows Active Directory replace the block with the following block

<nodeMaps>
        <nodeMap node="dc=domain,dc=ibm,dc=com" 
         pluginNode="dc=domain,dc=ibm,dc=com"/>
        <nodeMap node="cn=users,dc=domain,dc=ibm,dc=com" 
         pluginNode="cn=users,dc=domain,dc=ibm,dc=com"/>
        <nodeMap node="cn=groups,dc=yourco,dc=com"
         pluginNode="cn=groups,dc=yourco,dc=com"/> 
</nodeMaps>

If you do not use Microsoft Windows Active Directory replace the block with the following block

<nodeMaps>
        <nodeMap node="o=root organization" pluginNode="o=root organization"/>
        <nodeMap node="o=default organization,o=root organization" pluginNode=
   "o=default organization,o=root organization"/>
</nodeMaps>

Find the <supportedLdapEntryTypes> tag. Within this tag, complete the following steps. For illustration use the following DNs:

Microsoft Active Directory

Root Organization: dc=domain,dc=ibm,dc=com
Default Organization: cn=users,dc=domain,dc=ibm,dc=com

Other Directory Servers

Root Organization: o=root organization
Default Organization: o=default organization,o=root organization

Find the supportedLdapEntryType name="Person" tag and complete one of the following steps:
- If you use Microsoft Windows Active Directory, replace searchBases="cn=users,dc=yourco,dc=com"/> in the tag with the following text
```
searchBases="dc=domain,dc=ibm,dc=com"/>
```
- If you do not use Microsoft Windows Active Directory, replace searchBases="cn=users,dc=yourco,dc=com"/> in the tag with the following text
```
searchBases="o=root organization"/>
```
  Use the searchBases to search for full DN by short names. The user can use the short name to log on to WebSphere Commerce. Ensure that the searchBases specifies the root organization.

Your directory server might require an additional update. In the supportedLdapEntryType name="Person" tag, ensure that you update the fields within this tag to match your configuration. The default values are:

rdnAttrTypes="uid" 
objectClassesForRead="inetOrgPerson" 
objectClassesForWrite="inetOrgPerson

For example, if you use Microsoft Active Directory update these fields with the following information:

rdnAttrTypes="cn" 
objectClassesForRead="user" 
objectClassesForWrite="user

Find the supportedLdapEntryType name="Group" tag. Within this tag...

If you use Microsoft Windows Active Directory, replace searchBases="cn=groups,dc=yourco,dc=com"/> in the tag with the following text
```
searchBases="dc=domain,dc=ibm,dc=com"/>
```
If you do not use Microsoft Windows Active Directory, replace searchBases="cn=groups,dc=yourco,dc=com"/> in the tag with the following text
```
searchBases="o=root organization"/>
```

Save the file and exit.

Copy the file WAS_installdir\lib\wmm.jar to the following directory: WAS_profiledir\demo\installedApps\cell\wmmApp.ear\

Select the Classes loaded with application class loader first check box.

Select Enterprise Applications > wmmApp > Class loader

Select the Classes loaded with application class loader first check box.

Restart your WebSphere Commerce server.

You have completed configuring Member Manager.
Next step: Prepare WebSphere Commerce to use LDAP.

Related Concepts

Directory services and WebSphere Commerce

Directory Server	Entries
IBM Directory Server V5.1/5.1P	adapterClassName="com.ibm.ws.wmm.ldap.ibmdir.IBMDirectoryAdapter Impl" configurationFile="xml/wmmLDAPAttributes_IDS.xml"
IBM Directory Server V5.2	adapterClassName="com.ibm.ws.wmm.ldap.ibmdir.IBMDirectoryAdapter Impl" configurationFile="xml/wmmLDAPAttributes_IDS.xml"
Sun ONE Directory Server 5.0	adapterClassName="com.ibm.ws.wmm.ldap.sunone.SunOneDirectoryAdapter Impl" configurationFile="xml/wmmLDAPAttributes_SO.xml"
IBM Lotus Domino V6 LDAP Services	adapterClassName="com.ibm.ws.wmm.ldap.domino.Domino6LdapAdapter Impl" configurationFile="xml/wmmLDAPAttributes_DM.xml"
Microsoft Windows Active Directory 2000	adapterClassName="com.ibm.ws.wmm.ldap.activedir.ActiveDirectory2003 AdapterImpl" configurationFile="xml/wmmLDAPAttributes_AD.xml"
Microsoft Windows Active Directory 2003	adapterClassName="com.ibm.ws.wmm.ldap.activedir.ActiveDirectory2003 AdapterImpl" configurationFile="xml/wmmLDAPAttributes_AD.xml

Configure Member Manager

Related Concepts

Related tasks