User registry options

User registry options

HCL WebSphere Portal provides various security configuration tasks. In the past, there was one task and we might not recover from errors. Also, we might not expand the user registry to meet your growing business needs. Now there are multiple tasks and we can fine-tune the system to meet your business needs. You have the following general security options to choose from:
Security options

Option Explanation

Federated security

Create Virtual Portals with multiple realms
Use multiple repositories (LDAP, database, custom)
Add Application Groups to the system. Useful if need to merge multiple LDAP servers into one cohesive structure.
Required for transient user feature

Take special care that there are no duplicate names between the various repositories. For example, if we installed the product with a Portal Administrator of admin1, then admin1 must not exist in the corporate LDAP server.

Custom security Write a fully controlled WebSphere Security environment. There is a custom user registry and a custom member adapter for Virtual Member Manager (VMM). The abilities of this option depend on your implementation.

Federated security
HCL WebSphere Portal is configured with a default federated repository with a built-in file-based repository. The federated repository offers the richest number of options. For example, your company acquires a new business that has an existing LDAP user registry. We can add that LDAP server to the federated repository. Choose one of the following tasks to enable a production repository:

Enable a production repository

Task Description

Add a federated LDAP repository to the VMM configuration Add an LDAP server to the federated repository. Does not change the current security assignment. The administrative user defined during installation is still active.

Add a federated database repository to the VMM configuration Add a database to the federated repository. Does not change the current security assignment. The administrative user defined during installation is still active.

Add a federated custom user registry Add a custom user registry that your company created to the federated repository. Does not change the current security assignment. The administrative user defined during installation is still active.

After adding the initial user registry, we can add more user registries to the repository to create a multiple user registry configuration.
For the WebSphere Application Server administrator and portal administrator user ID and password leaving admin IDs with the built-in file repository allows us to log on to the WAS Deployment Manager and to Portal Administration if the connection to LDAP is broken.

Optional tasks

Task Description

Update the federated LDAP user registry Update certain parameters such as your bind ID and password to fix issues with the LDAP user registry.

Update the federated database user registry Update certain parameters such as the data source name, database URL, and database type to fix issues with the database user registry.

Create a realm Create a realm, which is a group of users from one or more user registries that form a coherent group within HCL WebSphere Portal. Realms allow flexible user management with various configuration options. A realm must be mapped to a Virtual Portal to allow the defined users to log in to the Virtual Portal. In a federated repository, we can create multiple realms.

Parent topic: User registry considerations

Task	Description
Add a federated LDAP repository to the VMM configuration	Add an LDAP server to the federated repository. Does not change the current security assignment. The administrative user defined during installation is still active.
Add a federated database repository to the VMM configuration	Add a database to the federated repository. Does not change the current security assignment. The administrative user defined during installation is still active.
Add a federated custom user registry	Add a custom user registry that your company created to the federated repository. Does not change the current security assignment. The administrative user defined during installation is still active.

Task	Description
Update the federated LDAP user registry	Update certain parameters such as your bind ID and password to fix issues with the LDAP user registry.
Update the federated database user registry	Update certain parameters such as the data source name, database URL, and database type to fix issues with the database user registry.
Create a realm	Create a realm, which is a group of users from one or more user registries that form a coherent group within HCL WebSphere Portal. Realms allow flexible user management with various configuration options. A realm must be mapped to a Virtual Portal to allow the defined users to log in to the Virtual Portal. In a federated repository, we can create multiple realms.