Enable user provisioning
When users are created in HCL WebSphere Portal, they are not automatically imported into Security Access Manager. Enabling automatic user provisioning to Security Access Manager changes this behavior. After this feature is enabled, users are automatically imported into Security Access Manager whenever they are created in HCL WebSphere Portal. When user provisioning is enabled, anyone with access to the public URL can become an active user in Security Access Manager if the self-registration feature remains enabled.
There are two ways to create users in HCL WebSphere Portal:
Self-registration Enabled by default Manage Users and Groups portlet can use this portlet to create HCL WebSphere Portal users. To enable user provisioning within Security Access Manager in a clustered environment, run the following tasks on each node in the cluster.
- Validate PdPerm.properties is correct and that communication between HCL WebSphere Portal and the Security Access Manager server works:
cd WP_PROFILE/ConfigEngine
./ConfigEngine.sh validate-pdadmin-connection -DWasPassword=foo -Dwp.ac.impl.PDAdminPwd=fooWasPassword is the dmgr administrator password. wp.ac.impl.PDAdminPwd is the Security Access Manager administrative user password.
If the task does not run successfully: Run the run-svrssl-config task to create the properties file. For information, refer to Creating PdPerm.properties. Then, run the validate-pdadmin-connection task again. If the task is not successful after a second attempt, do not proceed with any subsequent steps. The fact the task does not run successfully indicates the portal cannot connect to the Security Access Manager server. Troubleshoot the connectivity issue between the portal instance and the Security Access Manager server.
- Start all ISAM policy and authorization servers before running enable-tam-userprov.
- Enable user provisioning:
cd WP_PROFILE/ConfigEngine
./ConfigEngine.sh enable-tam-userprov -DPortalAdminId=foo -DPortalAdminPwd=foo
- Stop and restart the appropriate servers to propagate the changes.
Parent Security Access ManagerRelated tasks:
Create PdPerm.properties