+

Search Tips   |   Advanced Search

Windows stand-alone: Configure Portal to use a user registry


Configure user registry security on IBM WebSphere Portal to protect the server from unauthorized users. Configure a stand-alone LDAP user registry or we can add LDAP user registries and/or database user registries to the default federated repository. After configuring your user registry, we can add realms for Virtual Portals or a lookaside database to store attributes that cannot be stored in the LDAP user registry.

Prior to configuring security, use the IBM WAS backupConfig task to create and store a back up of the IBM WebSphere Portal configuration; see backupConfig command for information.

Complete the following tasks to configure WebSphere Portal to use a user registry:

  1. Windows stand-alone: Prepare user registries
    Install and set up an LDAP server as a user registry to store user information and authenticate users in your clustered environment.
  2. Windows stand-alone: Choose the user registry model
    Choose between securing IBM WebSphere Portal with a standalone LDAP user registry or by adding LDAP user registries and/or database user registries to the default federated repository. Choose the federated repository if you plan to enable the transient user feature.
  3. Windows stand-alone: Adapt the attribute configuration
    After installing IBM WebSphere Portal and configuring the LDAP user registries, adapt the attribute configuration to match the configured LDAP server(s) and your business needs. You do not need to perform these steps if we are using either a database user registry or the default federated file-based repository for out-of-box installations.
  4. Windows stand-alone: Configure the portal to use dynamic groups
    By default, WebSphere Portal is enabled for static groups. However, the Virtual Member Manager (VMM) allows users to be members of either static or dynamic groups. Static groups are those where a persistent binding exists between a group and its members. Dynamic groups are those where a search query is defined to retrieve the members of a group. If you have the LDAP server configured to use dynamic groups, complete the steps in this task for WebSphere Portal to use dynamic group queries when you setup the LDAP server.
  5. Windows stand-alone: Enable referrals for the LDAP user registry
    Referrals redirect object requests from one LDAP server to another when objects do not exist or cannot be located in a particular directory tree. You should enable referrals if the environment has more than one user registry existing on multiple servers or domains.


Parent: Set up a stand-alone production server on Windows
Previous: Windows stand-alone: Prepare a remote Web server
Next: Tune the servers
Related:
Manage the user registry on Windows