Prepare security for remote search service in a single-signon domain

Prepare portal security for remote search service on a single portal installation...

1. Make the key file available to all servers in the Single-Sign On (SSO) domain on one of the servers to be part of the SSO domain:

   1. Open the WAS admin console and select...
      Security | Global Security | Authentication | LTPA

   2. In the field for the fully qualified key name enter a key file name and click the button: Export keys

      The keys are written to...

      PROFILE_ROOT/Key/file_name

2. Import the key file to all other servers of the SSO domain.

   Do this on all other servers that will be part of this SSO domain:

   1. Copy the key file that you exported in step 1 to the server into the directory WP_PROFILE .

   2. Log in to the WAS admin console and select...
      Security | Global Security | Authentication | LTPA

   3. In the field for the fully qualified key name enter a key file name and click the Import keys button.

      The keys are propagated to all servers of the SSO domain.

   4. Restart all WAS profiles on this server.

3. Disable automatic LTPA key generation on all servers of the SSO domain by unselecting check box:
   Security | Global Security | Authentication mechanisms and expiration | LTPA Key generation | Key set groups | NodeLTPAKeySetGroup | Key generation | Automatically generate keys

   Log out from the WAS admin console for changes to take effect.

4. If you work with EJB on a secure server, set the search user ID.

Parent: Use remote search service
Related: Prepare for remote search service
Replace the search administrator user ID
Set the search user ID
Configure Portal Search for remote search service