security_active_directory.properties
###
###
### WebSphere Portal 5.0 parent configuration file for
### configuring security with Microsoft Active Directory
###
### Do NOT enclose any value in quotes!
### Windows paths must use '/', not '\'.
### Windows long paths are OK.
### Properties are immutable. Once set, they cannot be overridden.
###
###

###
###
### How to use this file:
###
### 1. Edit this file to match the environment
###
### 2. Start appserver "server1"
###
###    Stop appserver "WebSphere_Portal"
###
### 3. Change into the <wp_root>/config directory
###
### 4. Import the contents of this file into wpconfig.properties:
###
###    ./WPSconfig.sh -DparentProperties=<full_path_to_this_file> -DSaveParentProperties=true
###
### 5. Test connections to directory:
###
###    ./WPSconfig.sh validate-ldap
###
### 6a. If WAS security is enabled, run the following task:
###
###    ./WPSconfig.sh secure-portal-ldap
###
### 6b. or if WAS security is NOT enabled, run the following task:
###
###    ./WPSconfig.sh enable-security-ldap
###
### 7. Stop appserver "server1"
###
###    Start appserver "server1"
###    Start appserver "WebSphere_Portal"
###
###

###
### WAS Properties - BEGIN
###

### User ID for WAS security authentication
WasUserid=cn=wpsbind,cn=users,dc=yourco,dc=com

### Password for WAS security authentication (LDAP and CUR)
WasPassword=

### Name of the WebSphere Portal host
###
### Note: a fully-qualified hostname is required to set up security and to communicate
### with the Portal after security is enabled.
###
WpsHostName=<WpsHostName>

###
### WAS Properties - END
###

###
### Portal Config Properties - BEGIN
###

### User ID for the WebSphere Portal Administrator
PortalAdminId=cn=wpsadmin,cn=users,dc=yourco,dc=com

### Short WebSphere Portal admin ID
PortalAdminIdShort=wpsadmin

### Password for the WebSphere Portal Administrator
PortalAdminPwd=

### Group ID for the WebSphere Portal Administrator group
PortalAdminGroupId=cn=wpsadmins,cn=groups,dc=yourco,dc=com

### WebSphere Portal admin group ID
PortalAdminGroupIdShort=wpsadmins

###
### Portal Config Properties - END
###

###
###
### WebSphere Portal Security Configuration - BEGIN
###
###

###
### WebSphere Portal Security LTPA and SSO configuration
###

### Password to encrypt and decrypt the LTPA keys.
LTPAPassword=

### Time period in minutes at which an LTPA token will expire.
LTPATimeout=120

### Specifies that Single Sign-On function is enabled
### Only works when requests are over HTTPS Secure Socket Layer (SSL) connections.
SSORequiresSSL=false

### Domain name (.ibm.com, for example) for all Single Sign-on hosts.
SSODomainName=<SSODomainName>

###
### General Global Security Settings
###
### The values in this section should only be adapted by advanced users
###

### User names to qualify with the security domain within which they reside.
useDomainQualifiedUserNames=false

### Timeout value in seconds for security cache.
cacheTimeout=600

### Specifies that when the Issue permission warning is enabled, during application deployment
### and application start, the security run time emits a warning if applications are granted any
### custom permissions.
issuePermissionWarning=true

### Active authentication protocol for RMI/IIOP requests when security is enabled.
activeProtocol=BOTH

### Active authentication mechanism, when security is enabled.
activeAuthMechanism=LTPA

###
### LDAP Properties Configuration - BEGIN
###

### To configure LDAP with an additional LookAside Database
###
### true - LDAP + Lookaside database
### false - only LDAP
LookAside=false

### LDAP server hostname
LDAPHostName=<LDAPHostName>

### LDAP server port number
### For example, 389 for non-SSL or 636 for SSL
LDAPPort=389

### LDAP administrator ID
LDAPAdminUId=cn=Administrator,cn=Users,dc=yourco,dc=com

### LDAP administrator password
LDAPAdminPwd=

### Type of LDAP server to be used for WebSphere Portal
LDAPServerType=ACTIVE_DIRECTORY

### User ID for LDAP Bind authentication
LDAPBindID=cn=wpsbind,cn=users,dc=yourco,dc=com

### Password for LDAP Bind authentication
LDAPBindPassword=

###
### LDAP Properties Configuration - END
###

###
### Advanced LDAP Configuration - BEGIN
###

### The LDAP suffix appropriate for the LDAP server
LDAPSuffix=dc=yourco,dc=com

### LDAP user prefix appropriate for the LDAP server
LdapUserPrefix=cn

### LDAP user suffix appropriate for the LDAP server
LDAPUserSuffix=cn=users

### LDAP group prefix appropriate for the LDAP server
LdapGroupPrefix=cn

### LDAP group suffix appropriate for the LDAP server
LDAPGroupSuffix=cn=groups

### LDAP user object class appropriate for the LDAP server
LDAPUserObjectClass=user

### LDAP group object class appropriate for the LDAP server
LDAPGroupObjectClass=group

### LDAP group member attribute name appropriate for the LDAP server
LDAPGroupMember=member

### LDAP user filter appropriate for the LDAP server (to work with default values in WMM)
LDAPUserFilter=(&(|(cn=%v)(samAccountName=%v))(objectclass=user))

### LDAP group filter appropriate for the LDAP server (to work with default values in WMM)
LDAPGroupFilter=(&(cn=%v)(objectclass=group))

### This attribute is loaded for group search (performance issues)
LDAPGroupMinimumAttributes=

### These attributes are loaded for user login (performance issues)
LDAPUserBaseAttributes=givenName,sn,preferredLanguage

### These attributes are loaded for user search (performance issues)
LDAPUserMinimumAttributes=

### Specifies the timeout value in seconds for an LDAP server to respond before aborting a request.
LDAPsearchTimeout=120

### Should be set to true by default to reuse the LDAP connection.
### { false | true }
LDAPreuseConnection=true

### Specifies that a case insensitive authorization check is performed.
### { false | true }
LDAPIgnoreCase=true

### Specifies whether secure socket communications is enabled to the LDAP server.
### { false | true }
### Set to true if configuring LDAP over SSL
LDAPsslEnabled=false

###
### Advanced LDAP Configuration - END
###

### The user ID for WMM system identification
###
### See LDAP examples below:
###
### IBM Directory Server: { uid=<wmmsystemid>,cn=users,dc=yourco,dc=com }
### Domino: { cn=<wmmsystemid>,o=yourco.com }
### Active Directory: { cn=<wmmsystemid>,cn=users,dc=yourco,dc=com }
### SunOne: { uid=<wmmsystemid>,ou=people,o=yourco.com }
### Novell eDirectory { uid=<wmmsystemid>,ou=people,o=yourco.com }
WmmSystemId=<wmm_system_id_user>

### Password for WMM system identification
WmmSystemIdPassword=<wmm_system_id_password>

###
### LDAP Properties - END
###

###
###
### WebSphere Portal Security Configuration - END
###
###
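
A pre-flight check for an edited copy of this file, before it is imported with WPSconfig.sh. This is an added Python example, not part of the original file or of IBM's tooling: it applies the header's rules (no quoted values, no backslashes), flags placeholders left unreplaced and secrets held in clear text, and compares LDAPPort, LDAPsslEnabled and SSORequiresSSL with what the comments above say. The function names, finding texts and sample input are constructed for illustration.

```python
import re

PLACEHOLDER = re.compile(r"^<[^>]+>$")       # e.g. <LDAPHostName> left unedited
SECRET_KEY = re.compile(r"(Password|Pwd)$")  # WasPassword, PortalAdminPwd, ...

def parse_properties(text):
    """Parse key=value lines, skipping blanks and '#' comment lines."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if line and not line.startswith("#"):
            key, sep, value = line.partition("=")
            if sep:
                props[key.strip()] = value.strip()
    return props

def lint(props):
    """Return sorted (key, finding) pairs for rule violations and weak settings."""
    findings = set()
    for key, value in props.items():
        if PLACEHOLDER.match(value):
            findings.add((key, "placeholder not replaced"))
        elif SECRET_KEY.search(key) and value:
            findings.add((key, "clear-text secret stored in file"))
        if value.startswith(('"', "'")):
            findings.add((key, "value enclosed in quotes"))
        if "\\" in value:
            findings.add((key, "backslash in path, use '/'"))
    ssl = props.get("LDAPsslEnabled", "false").lower() == "true"
    port = props.get("LDAPPort", "")
    if not ssl:
        findings.add(("LDAPsslEnabled", "LDAP connection not SSL-protected"))
    if (ssl and port == "389") or (not ssl and port == "636"):
        findings.add(("LDAPPort", "port does not match LDAPsslEnabled"))
    if props.get("SSORequiresSSL", "false").lower() != "true":
        findings.add(("SSORequiresSSL", "SSO not restricted to HTTPS"))
    return sorted(findings)

# Constructed sample input: an edited file with typical mistakes, not real values.
SAMPLE = r"""
### constructed test input
WasPassword=Secr3t!
WpsHostName=<WpsHostName>
LTPAPassword="ltpa-pass"
SSORequiresSSL=false
LDAPPort=636
LDAPsslEnabled=false
"""

if __name__ == "__main__":
    for key, finding in lint(parse_properties(SAMPLE)):
        print(f"{key}: {finding}")
```

An empty password value is not reported, so the shipped template's blank password fields pass; its unreplaced placeholders and SSL-related defaults are reported.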