Prepare a Tivoli Directory Server for System i5

1. Customize the LDAP directory servers settings using the Directory Services Configuration Wizard. You must have *ALLOBJ and *IOSYSCFG special authority to use the wizard. Go to IBM System i and i5/OS Information Center, select the appropriate Information Center version and navigate to e-business and Web serving > Security and Directory Server > IBM Directory Server for iSeries.

   Due to a restriction in Tivoli Directory Server, users or groups must not contain a Turkish uppercase dotted I or lowercase dotted i in the DN as this will prevent correct retrieval of that user or group.

2. Create the WebSphere Portal administrative user

   1. Create a new directory suffix (Optional):

      1. Go to IBM System i and i5/OS Information Center, select the appropriate Information Center version and navigate to Networking > TCP/IP applications, protocols, and services > IBM Directory Server for iSeries (LDAP) > Administering Directory Server > Adding and Removing Directory Server suffixes.

      2. Cycle the LDAP server.

   2. Edit SETUP_CDROM/filename.ldif
      • Use PortalUsers.ldif for most scenarios.

      • Use the ContentUsers.ldif file for the IBM DB2 Content Manager group and user IDs if you configured DB2 Content Manager.

   3. Replace every dc=yourco,dc=com with your suffix.

   4. Replace any prefixes and suffixes unique to your LDAP server.

   5. You can specify user names other than wpsadmin and wpsbind.

      For security reasons, specify nontrivial passwords for these administrator accounts.

   6. Optional: If using IBM Tivoli Access Manager Version 5.1, set the objectclasses to accessGroup.

      If using Tivoli Access Manager Version 6, set the objectclasses to groupOfNames.

   7. Save changes.

   8. Import the LDIF file into the directory server

   9. Cycle the LDAP server.

Parent topic:

Configure WebSphere Portal to use a user registry on i5/OS

Next topic:

Choose the user registry model on i5/OS

---