Update the federated LDAP user registry on AIX
After creating and using the LDAP user registry in the default federated repository, you may find that your LDAP user registry is not working exactly as you would like. You can update the LDAP user registry and make the necessary changes. For example, you can change your LDAP Bind password. Ensure that the server1 and WebSphere_Portal servers are started before starting this task.
Perform the following steps to update the LDAP user registry in the default federated repository:
The wp-update-federated-ldap task does not modify...
- administrative users
- entity types
- LDAP entity types
- LDAP group membership attributes
- LDAP group configuration
- LDAP context pool
Use...
WP_PROFILE/ConfigEngine/config/helpers/wp_add_federated_xxx.properties....when performing this task to ensure the correct properties are entered
In the instructions below, when the step refers to the wkplc.properties file, you will use your wp_add_federated_xxx.properties helper file.
- Use a text editor to open the wkplc.properties file, located in the WP_PROFILE/ConfigEngine/properties directory.
- Enter the following parameters in the wkplc.properties file under the Federated LDAP repository heading to identify the existing LDAP user registry that you want to update:
- federated.ldap.id
- federated.ldap.host
- federated.ldap.baseDN
- federated.ldap.ldapServerType
- Update the following required parameters in the wkplc.properties file under the Federated LDAP repository heading:
See the wkplc.properties file for specific information about the required parameters and for advanced parameters.
- Save your changes to the wkplc.properties file.
- If you are running a clustered environment, turn off portal servers. You can leave node agent and deployment manager running.
- Validate your LDAP server settings.
./ConfigEngine.sh validate-federated-ldap -DWasPassword=password task- Update the LDAP user registry in the default federated repository.
cd WP_PROFILE/ConfigEngine
./ConfigEngine.sh wp-update-federated-ldap -DWasPassword=password task- Choose one of the following options to propagate the security changes:
Option Description Standalone environment Run the following tasks to propagate the security changes in a standalone environment:
- ./stopServer.sh server1 -username admin_userid -password admin_password, from the WP_PROFILE/bin directory
- ./stopServer.sh WebSphere_Portal -username admin_userid -password admin_password, from the WP_PROFILE/bin directory
- ./startServer.sh server1, from the WP_PROFILE/bin directory
- ./startServer.sh WebSphere_Portal, from the WP_PROFILE/bin directory
Clustered environment Run the following tasks to propagate the security changes in a clustered environment:
- ./stopManager.sh, from the dmgr_profile_root\bin directory
- ./stopNode.sh -username admin_userid -password admin_password, from the WP_PROFILE/bin directory
- ./stopServer.sh server1 -username admin_userid -password admin_password, from the WP_PROFILE/bin directory
- ./stopServer.sh WebSphere_Portal -username admin_userid -password admin_password, from the WP_PROFILE/bin directory
- ./startManager.sh, from the dmgr_profile_root\bin directory
- ./startNode.sh, from the WP_PROFILE/bin directory
- ./startServer.sh server1, from the WP_PROFILE/bin directory
- ./startServer.sh WebSphere_Portal, from the WP_PROFILE/bin directory