Portal Express, Version 6.0
Operating systems: i5/OS, Linux, Windows

---

 

Enable LDAP security after cluster creation

You can change the type of security you are using after you have created the cluster. For example, you might want to switch from the database user registry security that is provided by default when you install IBM^® WebSphere^® Portal Express to security based on an LDAP user registry.

To change your security configuration...

1. Disable security by referring to Disabling WebSphere Application Server global security. When disabling security, perform tasks only on the primary node in the cluster. Security changes are automatically propagated to other nodes in the cluster.

2. Enable security to use an LDAP user registry.

   1. Refer to LDAP user registry for details on configuring security with an LDAP user registry on the primary node, and follow the appropriate instructions depending on whether you want to use LDAP with or without realm support. When enabling security, perform tasks only on the primary node in the cluster. Security changes are automatically propagated to other nodes in the cluster.

   2. Update the portal_server_root/config/wpconfig.properties file on each secondary node in the cluster with the same LDAP user registry information you used to configure the primary node.

   3. Complete the security configuration by running the enable-jcr-security configuration task on each secondary node.

      • Windows and Linux:

        Run the following command from the portal_server_root/config directory:

        • Windows:

          WPSconfig.bat enable-jcr-security -DPortalAdminId=portal_admin_id

        • Linux:

          ./WPSconfig.sh enable-jcr-security -DPortalAdminId=portal_admin_id

        where portal_admin_id is the fully qualified distinguished name (DN) of the portal administrator (for example, uid=wpsadmin,cn=users,dc=example,dc=com).

      • i5/OS:

        Run the following command from the portal_server_root_user/config directory:

        WPSconfig.sh -profileName profile_root enable-jcr-security -DPortalAdminId=portal_admin_id

        where

        • profile_root is the name of the WebSphere Application Server profile where WebSphere Portal Express is installed; for example, wp_profile.

        • portal_admin_id is the fully qualified distinguished name (DN) of the portal administrator (for example, uid=wpsadmin,cn=users,dc=example,dc=com

      The configuration task enable-jcr-security will fail if there is a space in the LDAP user's fully qualified distinguished name (DN). For more information refer to the detailed notes on using properties .

   4. Restart the cluster member on each secondary node.

 

Parent topic:

Setting up a cluster

 

Previous topic

Adding cluster members

---