Portal Express, Version 6.0
Operating systems: i5/OS, Linux, Windows
Configure LDAP using the configuration wizard
This file provides information on how to configure your LDAP user registry using the configuration wizard.
Before running the wizard...
- Install your LDAP server
- Create required LDAP users and groups
- Set up your LDAP server
Perform this task on the computer hosting IBM® WebSphere® Portal Express.
- Switch to the configuration wizard window.
- In the "Select the task that you want to perform" dialog box, select Enable LDAP security and then click Next.
- If the "WebSphere Application Server global security is enabled..." dialog box appears, type the IBM WebSphere Application Server administrative user name and password in the appropriate fields, and then click Next.
  Passwords should not contain spaces.
- If security is enabled, enter the following additional parameters on the "Disable security settings continued..." dialog box and then click Next:
  - WebSphere Portal Express administrator ID
  - Password
  - Confirm password
  - WebSphere Portal Express administrator group
  - Member Manager password
- The "The wizard is ready to run the following task" dialog box displays; click Next to continue with the disabling security task.
- Select the LDAP server that you will use for authentication from the list and then click Next.
- Enter the following parameters to connect WebSphere Portal Express to the LDAP server and then click Next:
  - Host name
  - Port
  - User name
  - Password
  - LDAP suffix
- Enter the following user parameters for authenticating with the servers and then click Next:
  - WebSphere Portal Express administrator ID
  - Password
  - WebSphere Application Server administrator ID
  - Password
  - Bind distinguished name
  - Password
  - User search filter
- Enter the following group parameters for authenticating with the servers and then click Next:
  - WebSphere Portal Express administrator group
  - Web Content Management administrators group
  - WebSphere Portal Express Server content administrators group
  - WebSphere Portal Express Server document reviewer group
  - Group search filter
- Enter the following group short name parameters and then click Next:
  - Web Content Management administrators group
  - WebSphere Portal Express Server content administrators group
  - WebSphere Portal Express Server document reviewer group
- Enter the following Member Manager parameters and then click Next:
  - User name
  - Password
- Enter the LDAP user and group prefixes and suffixes and then click Next.
- Enter the following single sign-on parameters and then click Next:
  - The domain name for all allowed single sign-on hosts
  - Does the single sign-on require an SSL connection
  - Enter a password that will be used to encrypt LTPA keys
  - Confirm password
  - LTPA token expiration time in minutes
- Enter the following node parameters for the users and groups in this configuration and then click Next:
  - User object class
  - Group object class
  - Group membership attribute
  - User base attributes
  - Minimum user attributes
  - Minimum group attributes
- Enter the following additional LDAP parameters and then click Next:
  - Allow only qualified user names within the security domain
  - Issue a warning if an application is installed with a permission that is disallowed by the policy files
  - Security cache timeout in seconds
  - Authentication protocol for RMI/IIOP requests
- Enter the following additional LDAP parameters and then click Next:
  - Host name of the web server handling HTTP requests
  - Port
  - LDAP server response timeout in seconds
  - Reuse LDAP connections
  - Ignore case when checking user names and passwords
  - Enable Lookaside
- The "The wizard is ready to run the following task" dialog box displays with a list of the configuration settings; click Next to continue with the enabling security task.
- If the task runs successfully, the message "The wizard ran the task successfully" will display. Click Finish to exit the wizard or click Run Wizard Again to perform additional configurations.
  If the task runs with errors, the message "The wizard ran the task with errors" will display. For information, click View Log File. Fix the issue that is causing the error and then rerun the task.
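The connection values the wizard asks for (host name, port, bind distinguished name, LDAP suffix, user search filter) can be checked from a shell before they are typed in. The script below is an added example, not part of the IBM documentation; it assumes the OpenLDAP ldapsearch client is installed and that the user search filter marks the login name with a %v placeholder, and every host, DN and account name in it is a placeholder.

```shell
#!/bin/sh
# Added example: pre-flight checks for the values the wizard asks for.
# Host, DNs, filter and file names used with it are placeholders.

# The page's rule: passwords should not contain spaces (empty is rejected too).
password_ok() {
    case "$1" in
        ""|*" "*) return 1 ;;
        *) return 0 ;;
    esac
}

# Put a login name into a user search filter.
# Assumption: the filter marks the name with a WebSphere-style %v placeholder.
expand_filter() {
    case "$1" in
        *%v*) printf '%s%s%s\n' "${1%%\%v*}" "$2" "${1#*\%v}" ;;
        *)    printf '%s\n' "$1" ;;
    esac
}

# Count the entries in LDIF read from stdin (one "dn:" line per entry).
count_entries() {
    grep -c -i '^dn:' || true
}

# Bind as the bind DN and succeed only if the filter matches exactly one
# entry below the suffix. The bind password is read from a file (-y, file
# holds the password with no trailing newline), so the password itself
# does not appear in the process list.
# usage: lookup_one HOST PORT BIND_DN PWFILE SUFFIX FILTER
lookup_one() {
    out=$(ldapsearch -x -LLL -H "ldap://$1:$2" -D "$3" -y "$4" \
            -b "$5" -s sub "$6" dn) || return 2   # connect or bind failed
    [ "$(printf '%s\n' "$out" | count_entries)" -eq 1 ]
}

# Example run (placeholders):
#   f=$(expand_filter '(&(uid=%v)(objectclass=inetOrgPerson))' wpsadmin)
#   lookup_one ldap.example.com 389 'cn=wpsbind,o=example' ./bindpw 'o=example' "$f"
```

A return status of 2 from lookup_one points at the host, port or bind credentials; a status of 1 means the bind worked but the filter matched no entry or more than one.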
Security is enabled
Once you have enabled security with your LDAP directory, you will need to provide the user ID and password required for security authentication on WebSphere Application Server when you perform certain administrative tasks with WebSphere Application Server. For example, to stop the WebSphere Portal Express application server, you would issue the following command:
- Linux:
  ./stopServer.sh WebSphere_Portal -user admin_userid -password admin_password
- Windows:
  stopServer.bat WebSphere_Portal -user admin_userid -password admin_password
- i5/OS:
  stopServer.sh WebSphere_Portal -profileName profile_root -user admin_userid -password admin_password
  where profile_root is the name of the WebSphere Application Server profile where WebSphere Portal Express is installed; for example, wp_profile.