AIX cluster: Adapt the attribute configuration
Overview
After installing WebSphere Portal and configuring LDAP user registries, you will need to adapt the attribute configuration to match the configured LDAP server(s) and business needs. However, you do not need to perform these steps if you are using either a database user registry or the default federated file-based repository for out-of-box installations.
After installation, IBM WebSphere Portal has a predefined set of attributes for users and groups. Your LDAP server may have a different set of predefined user and group attributes. To ensure proper communication between WebSphere Portal and LDAP server, you can configure additional attributes and flag existing attributes as required or unsupported on a per repository basis or for all configure repositories.
LDAP servers can only handle attributes that are explicitly defined in their schema. The LDAP server's schema is different from the WebSphere Portal schema but the two schemas should match for proper communication between WebSphere Portal and the LDAP server. The task to add the LDAP user registry does some basic attribute configurations depending on the type of LDAP server that you choose. You may, however, still need to adapt the WebSphere Portal configuration to match the LDAP schema; for example, if an attribute is defined in WebSphere Portal but not in the LDAP server, perform one of the following tasks to resolve this mismatch
- Flag the attribute as unsupported for the LDAP server
- Introduce an attribute mapping that maps the WebSphere Portal attribute to an attribute defined in the LDAP schema
Adapt attribute configuration to match configured LDAP server
Parent
Configure WebSphere Portal to use a user registry on AIX in a clustered environment
Previous
Choose the user registry model on AIX in a clustered environment
Next topic
Configure WebSphere Portal to use dynamic groups in a clustered environment
Related tasks
Add an LDAP user registry on AIX
Add an LDAP user registry over SSL
Configure a stand-alone LDAP user registry without SSL
Configure a stand-alone LDAP user registry over SSL