User registries
User registries store account information, including user ID and passwords. User repositories store user profiles and preference information.By default, portal is installed with a federated repository with a built-in file repository. Federated repositories allow one to add various user registries, realm support for virtual portals, and/or property extensions to create a single, working unit. Available user registries include LDAP, database, and custom. Using the built-in file repository is not recommended in a production environment. After adding another repository, and choosing the administrative users from that repository, IBM recommends removing the file repository.
After adding all user registries to the federated repository, we can run wp-set-entitytypes to set a specific user registry as the default. Distinguished names must be unique for a realm over all registries. For example, if...
uid=wpsadmin,o=myco
...exists in LDAP1, it must not exist in LDAP2, LDAP3, or DB1. The shortname, for example wpsadmin, should be unique for a realm over all registries. The base distinguished names for all registries used within a realm must not overlap; for example, if LDAP1 is...
c=us,o=myco
...LDAP2 should not be...
o=myco
Do not leave the base entry blank for any of the registries used within a realm.
If IBM Lotus Domino will be one of the user registries in a multiple registry configuration and will share a realm with another user registry, ensure that the groups are stored in a hierarchical format in the Domino Directory as opposed to the default flat-naming structure.
The flat-naming convention is...
cn=groupName
...the hierarchical format is...
cn=groupName,o=root
The user must exist in a user registry and not within the property extension configuration; otherwise, the user cannot be a member of the realm.
If you have an application that does not support the federated repository, we can switch to a standalone LDAP user registry or a standalone custom user registry.
See
Parent: Plan
Related reference:
Directory Search