+

Search Tips   |   Advanced Search

Windows stand-alone: Prepare an Active Directory Server


To use Active Directory as an LDAP user registry, install and set up the server so that it will communicate with IBM WebSphere Portal.

Prepare Active Directory:

  1. To install and configure Active Directory:

    1. Install Windows 2003 or 2008 Server, which includes Active Directory. Refer to http://www.microsoft.com/windows2000/technologies/directory/ad/default.asp for information.

    2. Install required Service Packs.

    3. To install Internet Information Services (IIS), which is required to export server certificates and must be installed before installing Certificate Services:

      1. Open the Control Panel and select Add/Remove Programs.

      2. Choose Add/Remove Windows Components.

      3. Choose the Internet Information Services (IIS) component and then click Next.

      4. Complete the Windows Components Wizard instructions. The Windows Server CD is needed.

    4. Use the following steps to install Certificate Services if you plan on using Active Directory over SSL:

      1. Open the Control Panel and select Add/Remove Programs.

      2. Choose Add/Remove Windows Components.

      3. Select Certificate Services and then click Next.

      4. Select Standalone root CA and then click Next. We can also choose other options depends on you needs.

      5. Enter CA identifying information and then click Next.

      6. Complete the Windows Components Wizard instructions. The Windows Server CD is needed.

  2. Create the WebSphere Portal administrative user:

    1. Create a new user with the Windows administrative tools.

      There is a 20 character limitation for the user account name.

    2. Set the password for the new user.

    3. Activate the new user with the Windows administrative tools. Set the msDS-UserAccountDisabled attribute to false.

  3. To enable SSL for Active Directory; this step is required to set passwords during sign up and user creation:

    1. Install an Enterprise Certificate Authority on a Windows 2000 Domain Controller, which installs a certificate on a server or install a third-party certificate on the Domain Controller.

    2. Click Start > All Programs > Administrative Tools > Active Directory Users and Computer.

    3. In the Active Directory Users and Computers window, right-click on the domain name and select Properties.

    4. In the Domain Properties dialog box, select the Group Policy tab.

    5. Select the Default Domain Policy group policy and then click Edit.

    6. Select Windows Settings under Computer Configuration.

    7. Select Security Settings and then select Public Key Policies.

    8. Select Automatic Certificate Request Settings.

    9. Use the wizard to add a policy for Domain Controllers.

      When these requirements are complete, all domain controllers request a certificate and support LDAP over SSL using port 636.


Parent: Windows stand-alone: Prepare user registries