Enable user provisioning

Enable user provisioning

When users are created in WebSphere Portal, they are not automatically imported into TivoliAccess Manager. Enable automatic user provisioning to Tivoli Access Manager changes this behavior. Once this feature is enabled, users are automatically imported into Tivoli Access Manager whenever they are created in WebSphere Portal. When user provisioning to Tivoli Access Manager, anyone with access to the public URL can become an active user in Tivoli Access Manager as long as the self-registration feature remains enabled. There are two ways to create users in WebSphere Portal:

Self-registration: This feature is enabled by default.

Manage Users and Groups portlet: Administrators can use this portlet to create WebSphere Portal users.
To enable user provisioning within Tivoli Access Manager: If this is a clustered environment, run the following tasks on each node in the cluster.

Validate that the AMJRTE properties exists:
Tasks to validate that the AMJRTE properties exist by OS

OS Task
Windows™ ConfigEngine.bat validate-pdadmin-connection -DWasPassword=foo -Dwp.ac.impl.PDAdminPwd=foo from the WP_PROFILE/ConfigEngine
UNIX™ ./ConfigEngine.sh validate-pdadmin-connection -DWasPassword=foo -Dwp.ac.impl.PDAdminPwd=foo from the WP_PROFILE/ConfigEngine
i ConfigEngine.sh validate-pdadmin-connection -DWasPassword=foo -Dwp.ac.impl.PDdAdminPwd=foo from the WP_PROFILE/ConfigEngine

Complete this step on all nodes.

If the task does not run successfully: Run run-svrssl-config to create the properties file, see Create the AMJRTE properties file, then run the validate-pdadmin-connection task again. If the task is not successful after a second attempt, do not perform any subsequent steps in this topic. The fact that the task does not run successfully indicates that the portal cannot connect to the Tivoli Access Manager server.

Run the following task to enable user provisioning:
Task to enable user provisioning by OS

OS Task
Windows ConfigEngine.bat enable-tam-userprov -DWasPassword=foo -Dwp.ac.impl.PDAdminPwd=foo from the WP_PROFILE/ConfigEngine
UNIX ./ConfigEngine.sh enable-tam-userprov -DWasPassword=foo -Dwp.ac.impl.PDAdminPwd=foo from the WP_PROFILE/ConfigEngine
i ConfigEngine.sh enable-tam-userprov -DWasPassword=foo -Dwp.ac.impl.PDAdminPwd=foo from the WP_PROFILE/ConfigEngine

Stop and restart the appropriate servers to propagate the changes.

Parent
Configure Tivoli Access Manager

Related tasks

Start and stop servers, dmgrs, and node agents

Create the AMJRTE properties file

+
Search Tips | Advanced Search

OS	Task
Windows™	ConfigEngine.bat validate-pdadmin-connection -DWasPassword=foo -Dwp.ac.impl.PDAdminPwd=foo from the WP_PROFILE/ConfigEngine
UNIX™	./ConfigEngine.sh validate-pdadmin-connection -DWasPassword=foo -Dwp.ac.impl.PDAdminPwd=foo from the WP_PROFILE/ConfigEngine
i	ConfigEngine.sh validate-pdadmin-connection -DWasPassword=foo -Dwp.ac.impl.PDdAdminPwd=foo from the WP_PROFILE/ConfigEngine

OS	Task
Windows	ConfigEngine.bat enable-tam-userprov -DWasPassword=foo -Dwp.ac.impl.PDAdminPwd=foo from the WP_PROFILE/ConfigEngine
UNIX	./ConfigEngine.sh enable-tam-userprov -DWasPassword=foo -Dwp.ac.impl.PDAdminPwd=foo from the WP_PROFILE/ConfigEngine
i	ConfigEngine.sh enable-tam-userprov -DWasPassword=foo -Dwp.ac.impl.PDAdminPwd=foo from the WP_PROFILE/ConfigEngine