Prepare an Active Directory server

 

+

Search Tips   |   Advanced Search

 

  1. Install Active Directory:

    1. Install Windows 2000 or 2003 Server, which includes Active Directory.

    2. Install required Service Packs.

    3. Required if using Active Directory 2000:

      Install Windows 2000 High Encryption Pack, which is required to enable SSL.

    4. To install Internet Information Services (IIS), which is required to export server certificates and must be installed before installing Certificate Services:

      1. Open the Control Panel and select Add/Remove Programs.

      2. Choose Add/Remove Windows Components.

      3. Choose the Internet Information Services (IIS) component and then click Next.

      4. Follow the instruction of the Windows Components Wizard. The Windows Server CD is needed.

    5. If you plan on using Active Directory over SSL, install Certificate Services:

      1. Open the Control Panel and select Add/Remove Programs.

      2. Choose Add/Remove Windows Components.

      3. Select Certificate Services and then click Next.

      4. Select Stand-alone root CA and then click Next.

        You can also choose other options depends on you needs.

      5. Fill in CA identifying information and then click Next.

      6. Follow the instruction of the Windows Components Wizard. The Windows Server CD is needed.

  2. Create the WebSphere Portal administrative user:

    1. Create a new user with the Windows administrative tools.

      There is a 20 character limitation for the user account name.

    2. Set the password for the new user.

    3. Activate the new user with the Windows administrative tools. Set the msDS-UserAccountDisabled attribute to false.

  3. Enable SSL for Active Directory. Required to set passwords during sign up and user creation:

    1. Install an Enterprise Certificate Authority on a Windows 2000 Domain Controller, which installs a certificate on a server or install a third-party certificate on the Domain Controller.

    2. Click...

        Start | All Programs | Administrative Tools | Active Directory Users and Computer | domain_name (right-click) | Properties | Group Policy tab | Default Domain Policy group policy | Edit | Computer Configuration | Windows Settings | Security Settings | Public Key Policies | Automatic Certificate Request Settings

    3. Use the wizard to add a policy for Domain Controllers.

      When these requirements are complete, all domain controllers request a certificate and support LDAP over SSL using port 636.


Parent topic:

Prepare user registries on Windows