+

Search Tips   |   Advanced Search

Properties file: wkplc.properties


1. About the properties file

When specifying values:

WasSoapPort

Description Port used to connect to the WAS with remote connections.
Default 10005
Examples None available

WasRemoteHostName

Description Name of host running the deployment manager server process.
Default @your_host_name@
Examples None available

RegistrySynchronized

Description Tells the system if the registry is synchronized or not. Set to false to force a synchronization.
Default true
Examples None available


2. General properties


2.1. WAS properties

Provide information about the WAS used in the WebSphere Portal stack.

VirtualHostName

Description Name of the WAS virtual host.
Default default_host
Examples None available

WasUserid

Description User ID for WAS security authentication. Type the value in lower case, regardless of the case used in the DN. For an LDAP configuration this value cannot contain spaces. For an LDAP configuration this should be the fully qualified DN of a current administrative user for the WAS. For a configuration using a Virtual Manager User Registry database, the short version of the distinguished name must be used.
Default wpsadmin
Examples:

  • Custom User Registry: {wpsbind}
  • IBM Tivoli Directory Server: { uid=wpsbind,cn=users,dc=myco,dc=com }
  • IBM Lotus Domino: { cn=wpsbind,o=myco.com }
  • Oracle Directory Server: { uid=wpsbind,ou=people,o=myco.com }
  • Novell eDirectory { uid=wpsbind,ou=people,o=myco.com }
  • Windows Active Directory: { cn=wpsbind,cn=users,dc=myco,dc=com }
  • Windows Active Directory-Lightweight-Directory-Services: { cn=wpsbind,cn=users,dc=myco,dc=com }

WasPassword

Description Password for the user ID specified for WAS security authentication. The WasPassword parameter can be specified in this file or we can pass it on the command line using the -DWasPassword string.
Default ReplaceWithYourWASUserPwd
Examples None available

WasHome

Description Directory where WAS product files are installed. Set based on user input during installation.
Default @was.root@
Examples
  • AIX: /usr/WebSphere/AppServer
  • IBM i: /QIBM/UserData/WebSphere/AppServer
  • Linux: /opt/WebSphere/AppServer
  • Solaris: /opt/WebSphere/AppServer
  • Windows: c:/WebSphere/AppServer

WasUserHome

Description Directory where WAS user data (profile) is created. Set based on user input during installation.
Default @was.user.root@
Examples
  • AIX: /usr/WebSphere/profile
  • IBM i: /QIBM/UserData/WebSphere/AppServer/V8/ND/profiles/profile
  • Linux: /opt/WebSphere/profile
  • Solaris: /opt/WebSphere/profile
  • Windows: c:/WebSphere/profile

    • CellName

    Description Name of the WAS cell where the WAS is located.
    Default @CellName@
    Examples None available

    NodeName

    Description Node within the WAS cell where the WAS is located. This value must be unique among other node names in the same cell.Typically this value is the same as the host name for the computer.
    Default @NodeName@
    Examples None available

    ServerName

    Description Name of the application server where the WebSphere Portal application is deployed. This value must be unique among other application server names in the same cell.
    Default WebSphere_Portal
    Examples None available

    WasAdminServer

    Description Name of the application server for administration. For IBM i, if the WAS profile was created with a different WAS administrative server name, you should change this value to reflecthat.
    Default server1
    Examples server1

    LTPAPassword

    Description Password to encrypt and decrypt the LTPA keys.
    Default No default value
    Examples None available

    wasJvmBitType

    Description This value is a Solaris specific property that specifies whether to use the 64 bit or 32 bit JVM.
    Default sparc32
    Examples 32bit JVM: sparc32, x86, or ia32
    64 bit JVM: sparc64 or x64


    2.2. WebSphere Portal configuration properties

    Provide basic information about WebSphere Portal, such as installation directory, ports numbers, user IDs and passwords, and more.

    WpsInstallLocation

    Description Directory where WebSphere Portal is installed.
    Default c:/IBM/WebSphere/Portal
    Examples
  • AIX: /usr/IBM/WebSphere/PortalServer
  • IBM i: /QIBM/ProdData/WebSphere/PortalServer/V7
  • Linux: /opt/IBM/WebSphere/PortalServer
  • Solaris: /opt/IBM/WebSphere/PortalServer
  • Windows: c:/IBM/WebSphere/PortalServer

    • WpsHostName

    Description Fully qualified WebSphere Portal host name or the name of the Web server that WAS is configured to use. Set by the installation program based on user input during installation.
    Default localhost
    Examples In the following example, machinename is the WpsHostName value:

      http://machinename:80/wps/portal

    WpsHostPort

    Description Transport port number used to access the host machine identified by the WpsHostName property.
    Default 80
    Examples In the following example 80 is the WpsHostPort value:

      http://localhost:80/wps/portal

    PortalAdminId

    Description User ID for the WebSphere Portal administrator. Set based on user input during installation. The user ID cannot contain a space: for example, user ID. The user ID cannot be longer than 200 characters.

    If this parameter is provided via -D on commandline. Some tasks require the fully qualified user ID. If ID contains a space; for example:

      cn=wpsadmin,cn=users,l=SharedLDAP,c=US,ou=Lotus,o=Software Group,dc=ibm, dc=com,

    ...then place the ID in the properties file or into a parent properties file instead of as a flag on the command line.

    For example, create a file called mysecurity.properties, enter the fully qualified user ID, and then run...

      ./ConfigEngine.sh task_name -DparentProperties=/opt/mysecurity.properties
    Default wpsadmin
    Examples:

    • No security: PortalAdminId=wpsadmin
    • IBM Tivoli Directory Server: { uid=,cn=users,dc=myco,dc=com }
    • IBM Lotus Domino: { cn=,o=myco.com }
    • Novell eDirectory { uid=,ou=people,o=myco.com }
    • Oracle Directory Server : { uid=,ou=people,o=myco.com }
    • Windows Active Directory: { cn=,cn=users,dc=myco,dc=com }
    • Windows Active Directory-Lightweight-Directory-Services: { cn=,cn=users,dc=myco,dc=com }

    PortalAdminPwd

    Description Password for the WebSphere Portal administrator. Set based on user input during installation. The password cannot contain a space, for example, pass word. The password cannot be longer than 128 characters.
    Default No default value
    Examples None available

    PortalAdminGroupId

    Description Group ID for the WebSphere Portal administrator group. Set based on user input during installation.
    Default wpsadmins
    Examples:

    • IBM Tivoli Directory Server: {cn=portaladmingroupid,cn=groups,dc=myco,dc=com }
    • Lotus Domino: { cn=portaladmingroupid }
    • Windows Active Directory: { cn=portaladmingroupid,cn=groups,dc=myco,dc=com }
    • Windows Active Directory-Lightweight-Directory-Services: { cn=portaladmingroupid,cn=groups,dc=myco,dc=com }
    • Oracle Directory Server: { cn=portaladmingroupid,ou=groups,o=myco.com }
    • Novell eDirectory Portal: { cn=portaladmingroupid,ou=groups,o=myco.com }
    • Custom user registry: cn=wpsadmins,o=default organization
    • Development configuration without security: wpsadmins

    PortalUniqueID

    Description Used for the object ID creation mechanism. Has to be different for each node. The ID is 12 hex digits that are unique to this WebSphere Portal instance. Usually a MAC address from a communications adapter on this node. Nodes running on one machine can have the same PortalUniqueID.
    Default 00054E48AA0C
    Examples None available


    WpsContextRoot

    Description WebSphere Portal context root or base URI. All URLs beginning with this path will be reserved for WebSphere Portal. The value of this property is part of the URL used to access WebSphere Portal from a browser.
    Default wps
    Examples In the following example, wps is the WpsContextRoot value:

      http://localhost:80/wps/portal

    WpsHostBasePort

    Description Required for IBM i only. Port block that will be used for the WebSphere Portal Server.
    Default 10000
    Examples None available

    SMFLibrary

    Description Required for z/OS only. The library where the ifaedjreg.jar file resides
    Default No default value
    Examples None available

    SMFNativeLibrary

    Description Required for z/OS only. This value is the library where the SMF DLLs reside.
    Default No default value
    Examples None available

    ServerShortName

    Description Required for z/OS only. Server's jobname, as specified in the MVS START command JOBNAME parameter. JOBNAME is the name of the task or script that runs when the server is running. MVS (Multiple Virtual Storage) is the name of the operating system that runs on the mainframe. This value is also passed as a parameter to the server's start procedures to specify the location of the server's configuration files and identify the server to certain WebSphere for z/OS- exploited z/OS facilities (for example, SAF).
    Default BBOS002
    Examples SAF

    ClusterTransitionName

    Description Required for z/OS only. Cluster transition name of the WLM APPLENV (WLM application environment) name for this server.
    Default BBOC002
    Examples None available

    WpsSMPEHomeDirectory

    Description Required for z/OS only. This value is the location of the SMP/E installation image for the WebSphere Portal SMP/E package.
    Default No default value
    Examples None available

    TransferDomainList

    Description Required for database transfer List of database domains that will be transferred by the database-transfer process. Should not be altered unless to include or exclude specific domains from the transfer process.
    Default release,community,customization,jcr,feedback,likeminds
    Examples None available


    3. WebSphere Portal cluster properties

    The following properties are used if you have a clustered environment.

    ClusterName

    Description Cluster name to use when creating the cluster. Do not use spaces or special characters in the cluster name.
    Default PortalCluster
    Examples None available

    PushFrequency

    Description Time, in seconds, to wait before pushing new or modified cache entries to other servers. Enter a value of 1 or greater.
    Default 1
    Examples None available

    ReplicationType

    Description Global sharing policy for this application server. Cache entries are not shared among different appservers. Only invalidation events are send among servers in the replication domain.
    Default NONE
    Examples None available

    PrimaryNode

    Description Specifies whether we are on the primary node or not.
    Default true
    Examples None available


    4. Step-up authentication properties

    Step-up authentication enables you to require a stronger level of authentication to access certain pages and assets than the authentication that the client used when initially entering the portal site.

    sua_user

    Description Key which is used to encrypt the Cookie information. The value does not need to match to a real user.
    Default No default value
    Examples myname

    sua_serversecret_password

    Description Encryption key for the information used in the RememberMe cookie, which is part of the step-up authentication. This does not need to be an existing password.

    For example, we can use mypassword as the value.

    Default No default value
    Examples None available

    enable_rememberme

    Description Whether the Remember me cookie should be enabled when the enable-stepup-authentication task is run.
    Default true
    Examples None available

    disable_rememberme

    Description Whether the Remember me cookie should be disabled when the disable-stepup-authentication task is run.
    Default true
    Examples None available


    5. Virtual portal configuration properties

    Configuration tasks that use the virtual portal configuration properties include: create-virtual-portal, delete-virtual-portal, modify-virtual-portal, list-all-virtual-portals

    VirtualPortalTitle

    Description Title of the Virtual Portal.
    Default No default value
    Examples None available

    VirtualPortalRealm

    Description Realm used for the virtual portal defined in VirtualPortalTitle.
    Default No default value
    Examples None available

    VirtualPortalHostName

    Description DNS name of the virtual portal. The virtual portal can be referenced by the DNS name instead of the URL prefix. When the value is left blank, a virtual portal will use the common DNS name for all portals.
    Default No default value
    Examples None available

    VirtualPortalContext

    Description Unique portal context. If set the host name parameter, VirtualPortalHostName, the portal context is ignored. A virtual portal can either be accessed by a DNS/Host name or a URL prefix. When both a DNS/Host name and URL prefix are provided, the DNS/Host name will be used for VirtualPortalContext.
    Default No default value
    Examples None available

    VirtualPortalNlsFile

    Description An optional file which contains language specific information for the Virtual Portal. Create an NLS file to specify additional titles and descriptions in other languages for the Virtual Portal. Descriptions can only be provided in an NLS file. Do not use prefixes is that NLS file. If you do not specify an NLS file, the Virtual Portal is created with the title that you give as the value to the VirtualPortalTitle parameter only. Titles and descriptions are not created for other languages. However, if we specify an NLS file, the value given for the virtual portal title in the NLS file overrides the value that you provide for the VirtualPortalTitle property. To create a description for the virtual portal, you have to specify this in an NLS file. To modify the title or description of the Virtual Portal, add the new title and description to the NLS file.
    Default No default value
    Examples None available

    VirtualPortalObjectId

    Description Object ID of the virtual portal.The object ID is required to modify and delete Virtual Portals. To determine what this value is, run the following task: list-all-virtual-portals. Do not delete the default Virtual Portal.The Object ID for the default Virtual Portal ends with _0.
    Default No default value
    Examples None available


    6. General security properties

    ignoreDuplicateIDs

    Description Set to true to recover from an incomplete LDAP repository creation if the repository cannot be deleted.
    Default false
    Examples None available

    trimSpaces

    Description Set to false and add the attribute to the security ANT target in order to contain trailing spaces of attributes defined in this file.
    Default true
    Examples None available


    7. Federated security properties


    7.1. Add or update an LDAP

    Use the properties in this section to create (wp-create-ldap) or update (wp-update-federated-ldap) the LDAP configuration in virtual member manager (VMM). If we are updating the LDAP configuration, the federated.ldap.id and federated.ldap.host must match the repository to update.

    federated.ldap.id

    Description Unique identifier for the repository within the cell. During an update, this value must match the ID of the repository to be updated. Characters that are not allowed in normal XML strings ( & < > " ' )cannot be used in the repository ID. Should be no longer than 36 characters.
    Default No default value
    Examples None available

    federated.ldap.host

    Description Host name of the primary LDAP server. This host name is either an IP address or a DNS name. During an update, this value must match the ID of the repository to be updated.
    Default No default value
    Examples None available

    federated.ldap.port

    Description LDAP server port.
    Default 389
    Examples None available

    federated.ldap.bindDN

    Description Distinguished name for the application server to use when binding to the LDAP repository.
    Default No default value
    Examples None available

    federated.ldap.bindPassword

    Description Password for the application server to use when binding to the LDAP repository.
    Default No default value
    Examples None available

    federated.ldap.ldapServerType

    Description Type of LDAP server to which you connect.
    Default No default value
    Examples IDS

    federated.ldap.baseDN

    Description LDAP base entry.
    Default No default value
    Examples ou=admins,dc=myco,dc=com


    7.1.1. Group and PersonAccount entity types

    The supported entity types are Group and PersonAccount. Group entity type:

    PersonAccount entity type:


    7.1.2. LDAP properties for Group member attributes

    Provide information used to add or update the federated LDAP Group member attributes.

    federated.ldap.et.group.searchFilter

    Description Search filter to use to search for entity type. VMM uses this filter as an addition during search requests in the environment. The syntax is like a standard LDAP searchfilter. If this parameter is blank, VMM will formulate the filter as...

      (&(uid=*)(objectClass=user))
    Default No default value
    Examples (objectclass=groupOfUniqueNames)

    federated.ldap.et.group.objectClasses

    Description Specifies one or more object classes (separated by ';') for the entity type.
    Default groupOfUniqueNames
    Examples None available

    federated.ldap.et.group.objectClassesForCreate

    Description Specifies one or more object classes (separated by ';') to use when an entity type is created. If the value of this parameter is the same as the objectClass parameter, you do not need to specify this parameter.
    Default No default value
    Examples None available

    federated.ldap.et.group.searchBases

    Description Search base or bases to use while searching for entity type. Multiple search bases are separated by semicolon (";"). If search bases are not specified, then VMM will search under the nodes defined in nodeMaps tag. Therefore we can improve performance if we specify search bases, limiting or reducing the number of search bases. If this is a multiple virtual portal environment, the realm definition of the virtual portal overwrites the searchBase for the objectType. To keep virtual portals that do not have a realm assigned to them functional, keep the searchBase in sync with the nodes where you want the search to start.
    Default No default value
    Examples "cn=users1,dc=myco,dc=com;cn=users2,dc=myco,dc=com"

    federated.ldap.et.personaccount.searchFilter

    Description The search filter to use to search the entity type. VMM uses this filter as an addition during search requests in the environment. The syntax is like a standard LDAP searchfilter. If no value is specified for this parameter or if this parameter is blank, VMM will formulate the filter as (&(uid=*)(objectClass=user)).
    Default No default value
    Examples (objectclass=inetOrgPerson)

    federated.ldap.et.personaccount.objectClasses

    Description One or more object classes (separated by ';') for the entity type. Only use those objectclasses that are unique to users: If there are both users and groups with objectclass 'top', then you must not use this object class here.
    Default inetorgperson
    Examples None available

    federated.ldap.et.personaccount.objectClassesForCreate

    Description One or more object classes (separated by ';') to use when an entity type is created. If the value of this parameter is the same as the objectClass parameter, you do not need to specify this parameter.
    Default No default value
    Examples None available

    federated.ldap.et.personaccount.searchBases

    Description Search base or bases to use while searching the entity type. Multiple search bases are separated by semicolon (";"). If search bases are not specified, then VMM will search under the nodes defined in nodeMaps tag. Therefore we can improve performance if we specify search bases, limiting or reducing the number of search bases.
    Default No default value
    Examples cn=users1,dc=myco,dc=com;cn=users2,dc=myco,dc=com"

    federated.ldap.gm.groupMemberName

    Description LDAP attribute used as the group member attribute.
    Default uniqueMember
    Examples uniqueMember
    Member

    federated.ldap.gm.objectClass

    Description Group object class containing the member attribute. If not defined, the member attribute applies to all group object classes.
    Default groupOfNames
    groupOfUnqiueNames

    federated.ldap.gm.scope

    Description Scope of the member attribute.
    Default direct
    Examples None available

    federated.ldap.gm.dummyMember

    Description If you create a group without specifying a member, a dummy member will be filled in to avoid creating an exception about missing a mandatary attribute. For Novell eDirectory servers, Oracle Directory Server and Windows Active Directory, the value has to be empty or point to an existing entry in the LDAP directory.
    Default uid=dummy
    Examples None available


    7.1.3. Advanced properties for Group configuration

    Provide information used to add or update the federated LDAP user registry.

    federated.ldap.gc.name

    Description The name of the membership attribute.
    Default No default value
    Examples None available

    federated.ldap.gc.updateGroupMembership

    Description This value updates the group membership if the member is deleted or renamed. Some LDAP servers, such as Domino server, do not clean up the membership of the user when a user is deleted or renamed. If you choose these LDAP server types in the ldapServerType property, the value of this parameter is set to true. Use this parameter to change the value.
    Default false
    Examples None available

    federated.ldap.gc.scope

    Description Scope of the member attribute.
    Default direct
    Examples None available

    federated.ldap.adapterClassName

    Description Implementation class name for the repository adapter.
    Default com.ibm.ws.wim.adapter.ldap.LdapAdapter
    Examples None available

    federated.ldap.supportSorting

    Description This value indicates if sorting is supported or not.
    Default false
    Examples None available

    federated.ldap.supportTransactions

    Description This value indicates if transactions are supported or not.
    Default false
    Examples None available

    federated.ldap.isExtIdUnique

    Description Specifies if the external ID is unique.
    Default true
    Examples None available

    federated.ldap.supportExternalName

    Description Specifies if external names are supported or not.
    Default false
    Examples None available

    federated.ldap.sslEnabled

    Description Whether secure socket communication is enabled to the LDAP server. When enabled (true), the SSL settings for LDAP are used.
    Default false
    Examples None available

    federated.ldap.sslConfiguration

    Description Name of the application server SSL configuration (such as mySSLconfig) to be used for SSL enabled LDAP server. Application Server SSL configuration names can be found in WebSphere Application Server Administrative console at Security-SSL certificate and key management. Specify a non-default SSL configuration if federated.ldap.sslEnabled is set to true.
    Default No default value
    Examples mySSLconfig

    federated.ldap.certificateMapMode

    Description Whether to map X.509 certificates into a LDAP directory by exact distinguished name or certificate filter. Specify the certificate filter to use for the mapping if client certificate authentication is used for portal server. If certificate filter is selected standalone.ldap.certificateFilter need to be configured accordingly.
    Default EXACT_DN
    Examples None available

    federated.ldap.certificateFilter

    Description Filter used to map attributes in the client certificate to entries within the LDAP repository. Specifies the filter certificate mapping property (use CERTIFICATE_FILTER as value for standalone.ldap.certificateMapMode) for the LDAP filter if client certificate authentication is used for portal server.
    Default No default value
    Examples uid=${SubjectCN}

    federated.ldap.supportPaging

    Description This value indicates if paging is supported or not.
    Default false
    Examples None available

    federated.ldap.authentication

    Description This value indicates the authentication method to use.
    Default simple
    Examples None available

    federated.ldap.loginProperties

    Description This value indicates the property name used for login.
    Default uid
    Examples None available

    federated.ldap.referral

    Description This value indicates how the LDAP server should handle referrals to other LDAP servers.
    Default ignore
    Examples None available

    federated.ldap.derefAliases

    Description This value controls how aliases are dereferenced.
    Default always
    Examples None available

    federated.ldap.connectionPool

    Description Whether to use the connection pool.
    Default false
    Examples None available

    federated.ldap.connectTimeout

    Description Connection timeout measured in seconds.
    Default 0
    Examples None available

    federated.ldap.primaryServerQueryTimeInterval

    Description This value indicates the polling interval for testing the primary server availability. The value of this parameter is specified in minutes.
    Default 15
    Examples None available

    federated.ldap.returnToPrimaryServer

    Description This value indicates to return to the primary LDAP server when it is available.
    Default true
    Examples None available

    federated.ldap.searchPageSize

    Description Search page size, which represents the number of entries per page.
    Default No default value
    Examples None available

    federated.ldap.searchCountLimit

    Description Search count limit.
    Default 500
    Examples None available

    federated.ldap.searchTimeLimit

    Description Search time limit measured in milliseconds.
    Default 120000
    Examples None available

    federated.ldap.translateRDN

    Description This value indicates whether to translate RDN or not.
    Default false
    Examples None available

    federated.ldap.cp.maxPoolSize

    Description Maximum number of context instances that can be maintained concurrently by the context pool.
    Default 20
    Examples None available


    7.2. Add or update database

    The following properties are used for creating or updating a database user registry configuration. Database modification tasks of VMM need a connection to a running server instance. Check the Server is running prior to running these tasks: wp-create-db or wp-update-db

    federated.db.DataSourceName

    Description Specifies the JNDI name of the data source used to access the federated database domain.
    Default vmmfeddbDS
    Examples None available

    federated.db.DbType

    Description Type of database to be used for VMM Federated database domain for information about supported values. Please check wkplc_comp.properties.
    Default db2
    Examples None available

    federated.db.DbUrl

    Description Federated domain database URL for information about supported values. Please check wkplc_dbdomain.properties. Seach for release.DbUrl
    Default jdbc:db2:vmmfeddb
    Examples None available

    federated.db.DbName

    Description Name of the VMM federated database. Should also appear as the database element in DbUrl. Please verify that you point to the same database.
    Default vmmfeddb
    Examples None available

    federated.db.id

    Description This ID specifies a unique identifier for the repository within the cell. Characters that are not allowed in normal XML strings ( & < > " ' ) cannot be used in the repository ID.
    Default vmmDb
    Examples None available

    federated.db.baseDN

    Description Database base entry. This is the start point where all DB entities will be stored under. Verify the uniqueness of this string.
    Default No default value
    Examples None available

    federated.db.DbUser

    Description Database administrator user ID.
    Default db2admin
    Examples None available

    federated.db.DbPassword

    Description Database administrator password.
    Default ReplaceWithYourDbAdminPwd
    Examples None available


    7.2.1. Advanced database properties

    federated.db.JdbcProviderName

    Description Name of jdbc provider to be used. Keep la.JdbcProviderName in sync for the same db type. la.JdbcProviderName #DOC.DESCRIPTION.2.federated.db.JdbcProviderName =and federated.db.JdbcProviderName must be different for different database types. la.JdbcProviderName and federated.db.JdbcProviderName must be different for different database types.
    Default vmmdbJDBC
    Examples None available

    federated.db.DbSchema

    Description This value is the VMM Federated domain database schema name. Follow the documentation of the target database server in order to define a valid schema name as restrictions apply for some database management systems.
    Default federate
    Examples None available

    federated.db.DbNameOnZos

    Description Required for DB2 for z/OS and OS/390 only. If running db2_zos as remote database, the name of the remote VMM federated database. If portal is running on z/OS with db2_zos, must be set equal to DbName.
    Default WPSTST02
    Examples None available

    federated.db.XDbName

    Description TCPIP Alias for the database. This property is only required for non-Windows platforms when using DB2 with Type 2 drivers. If we are using Type 4 drivers, this value is not used. It defines the federated database alias that needs to be set to call create-database JDBC driver. The database loop back alias that needs to be set if you plan to use the create-local-database-db2 task. The value must be different from the value of dbdomain.DbName. The values for dbdomain.DbName and dbdomain.XDbName must be different in the wpconfig_dbdomain.properties file. For DB2 Content Manager Runtime Edition, this property is the database for tables.
    Default wps6TCP
    Examples Release, Community, Customization, VMM, and the JCR: wps6TCP
    Feedback: fdbk6TCP
    LikeMinds: lmdb6TCP

    federated.db.DbNode

    Description Required for Non-Windows platforms when using DB2 only. Node for the VMM federated domain database and needs to be set to call create-database.
    Default wpsNode
    Examples Release, Community, Customization, JCR, and VMM databases: wpsNode
    Feedback and LikeMinds databases: pznNode

    federated.db.DbStorageGroup

    Description Required for DB2 for z/OS and OS/390 only. Storage group for the VMM federated database.
    Default WPSSG
    Examples None available

    federated.db.DbVolumes

    Description Required for DB2 for z/OS and OS/390 only. Volumes for the VMM federated database.
    Default *
    Examples None available

    federated.db.DbVcat

    Description Required for DB2 for z/OS and OS/390 only. This value is the VCAT for the VMM federated database.
    Default DSN910
    Examples None available

    federated.db.Db4KBufferPoolName

    Description Required for DB2 for z/OS and OS/390 only. This value is the 4K bufferpool name for the VMM federated database.
    Default BP0
    Examples None available

    federated.db.Db32KBufferPoolName

    Description Required for DB2 for z/OS and OS/390 only. This value is the 32K bufferpool name for the VMM federated database.
    Default BP32K
    Examples None available


    7.2.2. Setting up database tables

    Provide information needed to configure tables for the federated database.

    federated.db.reportSqlError

    Description Whether to report SQL errors while setting up databases.
    Default true
    Examples None available

    federated.db.saltLength

    Description This value is the length of the salt which is used when hashing passwords stored in the Member Manager database repository.
    Default 12
    Examples None available

    federated.db.encryptionKey

    Description Encryption key to encrypt the database user registry.
    Default rZ15ws0ely9yHk3zCs3sTMv/ho8fY17s
    Examples rZ15ws0ely9yHk3zCs3sTMv/ho8fY17s

    federated.db.adapterClassName

    Description Implementation class name for the repository adapter.
    Default com.ibm.ws.wim.adapter.db.DBAdapter
    Examples None available

    federated.db.supportSorting

    Description This value indicates if sorting is supported or not.
    Default false
    Examples None available

    federated.db.supportTransactions

    Description This value indicates if transactions are supported or not.
    Default false
    Examples None available

    federated.db.isExtIdUnique

    Description Specifies if the external ID is unique.
    Default true
    Examples None available

    federated.db.supportExternalName

    Description This value indicates if external names are supported or not.
    Default false
    Examples None available

    federated.db.entityRetrievalLimit

    Description Specifies the maximum number of entities that the system can retrieve from the database with a single database query.
    Default 50
    Examples None available


    7.3. Custom user registry properties

    The following properties are used to create or updated a custom user registry (CUR) in a federated security configuration. The properties are referenced when the following tasks are run: wp-create-cur and wp-update-federated-cur

    federated.cur.id

    Description This ID specifies a unique identifier for the repository within the cell. Characters that are not allowed in normal XML strings ( & < > " ' ) cannot be used in the repository ID.
    Default No default value
    Examples None available

    federated.cur.adapterClassName

    Description Implementation class name for the repository adapter.
    Default No default value
    Examples None available

    federated.cur.baseDN

    Description CUR base entry.
    Default No default value
    Examples None available

    federated.cur.isExtIdUnique

    Description Specifies if the external ID is unique.
    Default true
    Examples None available

    federated.cur.supportExternalName

    Description This value indicates if external names are supported or not.
    Default false
    Examples None available

    federated.cur.supportPaging

    Description This value indicates if paging is supported or not.
    Default false
    Examples None available

    federated.cur.supportSorting

    Description This value indicates if sorting is supported or not.
    Default false
    Examples None available

    federated.cur.supportTransactions

    Description This value indicates if transactions are supported or not.
    Default false
    Examples None available


    7.3.1. Federated custom user registry (CUR) custom properties

    The following properties and values are used to create a custom property using the wp-create-cur-custom-property task.

    cur.id

    Description ID of the repository, where the custom property will be created.
    Default No default value
    Examples None available

    cur.name

    Description Name of the custom property.
    Default No default value
    Examples None available

    cur.value

    Description Enter the value of the custom property.
    Default No default value
    Examples None available


    7.4. Enable federated repository

    The following properties are used when you run the wp-modify-federated-security task. The task will enable a Federated repository and the existing default realm will be renamed.

    federated.primaryAdminId

    Description ID of the WAS administrative user. The ID must exist in a user repository.
    Default xyzadmin
    Examples:

    • IBM Tivoli Directory Server: { uid=,cn=users,dc=myco,dc=com }
    • IBM Lotus Domino: { cn=,o=myco.com }
    • Novell eDirectory: { uid=,ou=people,o=myco.com }
    • Oracle Directory Server: { uid=,ou=people,o=myco.com }
    • Windows Active Directory: { cn=,cn=users,dc=myco,dc=com }

    federated.realm

    Description Realm name to be used. The existing default realm will be renamed.
    Default No default value
    Examples None available

    federated.serverId

    Description User ID in the repository used for internal process communication.
    Default No default value
    Examples:

    • IBM Tivoli Directory Server: { uid=,cn=users,dc=myco,dc=com }
    • IBM Lotus Domino: { cn=,o=myco.com }
    • Novell eDirectory: { uid=,ou=people,o=myco.com }
    • Oracle Directory Server: { uid=,ou=people,o=myco.com }
    • Windows Active Directory: { cn=,cn=users,dc=myco,dc=com }

    federated.serverPassword

    Description Password for the user ID in the repository used for internal process communication.
    Default No default value
    Examples None available


    7.4.1. Advanced federated repository properties

    federated.registryClassName

    Description Registry class name.
    Default com.ibm.ws.wim.registry.WIMUserRegistry
    Examples None available

    federated.ignoreCase

    Description Whether the query matches case sensitivity. Not used during node federation to DMGR with WAS when LDAP security is enabled.
    Default true
    Examples None available


    7.5. LDAP attribute configuration validation

    The following properties are used with the wp-validate-federated-ldap-attribute-config and wp-update-federated-ldap-attribute-config tasks.

    federated.ldap.attributes.nonSupported

    Description This value is a comma separated list of attributes that will be added/removed from the list of nonsupported attributes
    Default No default value
    Examples None available

    federated.ldap.attributes.nonSupported.delete

    Description If true, then the attributes in federated.ldap.nonSupported will be deleted from the list of nonsupported attributes, else they will be added.
    Default No default value
    Examples None available

    federated.ldap.attributes.mapping.ldapName

    Description Name of the attribute in LDAP.
    Default No default value
    Examples None available

    federated.ldap.attributes.mapping.portalName

    Description Name of the attribute in portal.
    Default No default value
    Examples None available

    federated.ldap.attributes.mapping.entityTypes

    Description This value is the list of entityTypes the mapping should be applied to.
    Default PersonAccount,Group
    Examples None available


    7.6. Delete federated repository properties

    federated.delete.baseentry

    Description Name of the base entry to be deleted from the default realm. If the base entry exists in other realms, it has to be deleted manually first. Leave this empty only to delete the property extension repository.
    Default No default value
    Examples None available

    federated.delete.id

    Description ID of the repository to be deleted from the VMM configuration. This parameter must be set to LA to delete the property extension repository.
    Default No default value
    Examples None available


    8. Standalone security


    8.1. Modify or updated the LDAP

    The following properties are used with the wp-modify-ldap-security and wp-update-standalone-ldap tasks.

    standalone.ldap.id

    Description This ID specifies a unique identifier for the repository within the cell. Characters that are not allowed in normal XML strings ( & < > " ' ) cannot be used in the repository ID. Should be no longer than 36 characters.
    Default No default value
    Examples None available

    standalone.ldap.host

    Description Host name of the primary LDAP server. This host name is either an IP address or a DNS name.
    Default No default value
    Examples None available

    standalone.ldap.port

    Description LDAP server port.
    Default No default value
    Examples None available

    standalone.ldap.bindDN

    Description Distinguished name for the application server to use when binding to the LDAP repository.
    Default No default value
    Example cn=root

    standalone.ldap.bindPassword

    Description Password for the application server to use when binding to the LDAP repository.
    Default No default value
    Examples None available

    standalone.ldap.ldapServerType

    Description Type of LDAP server to which you connect.
    Default No default value
    Examples IDS

    standalone.ldap.userIdMap

    Description LDAP filter that maps the short name of a user to an LDAP entry. Not used during node federation to DMGR with WAS LDAP security enabled.
    Default No default value
    Examples The following examples displays entries of the object class = inetOrgPerson type by their IDs: inetOrgPerson:uid.

    standalone.ldap.groupIdMap

    Description LDAP filter that maps the short name of a group to an LDAP entry. Piece of information that represents groups when groups display. Use the asterisk (*) as a wildcard character that searches on any object class in this case. Not used during node federation to DMGR with WAS with LDAP security enabled.
    Default No default value
    Examples The following example displays groups by their names: *:cn

    standalone.ldap.groupMemberIdMap

    Description LDAP filter that identifies user-to-group relationships. Specifies which property of an objectclass stores the list of members belonging to the group represented by the objectclass. Not used during node federation to DMGR with WAS LDAP security enabled.
    Default No default value
    Examples None available

    standalone.ldap.userFilter

    Description LDAP user filter that searches the user registry for users. Not used during node federation to DMGR with WAS LDAP security enabled.
    Default No default value
    Examples The following example would be used to look up users based on their user IDs:(&(uid=%v)(objectclass=inetOrgPerson))

    standalone.ldap.groupFilter

    Description LDAP group filter that searches the user registry for groups. Not used during node federation to DMGR with WAS LDAP security enabled.
    Default No default value
    Examples None available

    standalone.ldap.serverId

    Description User ID in the repository used for internal process communication. Not used during node federation to #DOC.DESCRIPTION.2.standalone.ldap.serverId =DMGR with WAS LDAP security enabled.
    Default No default value
    Examples:

    • IBM Tivoli Directory Server: { uid=,cn=users,dc=myco,dc=com }
    • IBM Lotus Domino: { cn=,o=myco.com }
    • Novell eDirectory: { uid=,ou=people,o=myco.com }
    • Oracle Directory Server: { uid=,ou=people,o=myco.com }
    • Windows Active Directory: { cn=,cn=users,dc=myco,dc=com }

    standalone.ldap.serverPassword

    Description Password for the user ID in the repository used for internal process communication. Not used during node federation to DMGR with WAS LDAP security enabled.
    Default No default value
    Examples None available

    standalone.ldap.realm

    Description Security context of this server. A realm with this name will be created.
    Default No default value
    Examples None available

    standalone.ldap.primaryAdminId

    Description WAS admin user ID. The ID must exist in the LDAP server.
    Default No default value
    Examples None available

    standalone.ldap.primaryAdminPassword

    Description Password for the WAS admin user ID. The ID must exist in the LDAP server.
    Default No default value
    Examples None available

    standalone.ldap.primaryPortalAdminId

    Description WebSphere Portal admin user ID. The ID must exist in the LDAP server.
    Default No default value
    Examples None available

    standalone.ldap.primaryPortalAdminPassword

    Description Password for the WebSphere Portal admin user ID. The ID must exist in the LDAP server.
    Default No default value
    Examples None available

    standalone.ldap.primaryPortalAdminGroup

    Description User group with administrative permission in portal. The group must exist in the LDAP server.
    Default No default value
    Examples None available

    standalone.ldap.baseDN

    Description LDAP base entry. This is the startpoint for all LDAP searches of WAS Security
    Default No default value
    Examples None available


    8.2. LDAP entity types: properties for entity type Group

    standalone.ldap.et.group.searchFilter

    Description Search filter to use to search the entity type. VMM uses this filter as an addition during search requests in the environment. This value can be left blank. If you leave the value blank, no additional filter is applied and the other VMM configuration is used.
    Default No default value
    Examples (objectclass=groupOfUniqueNames)

    standalone.ldap.et.group.objectClasses

    Description Specifies one or more object classes (separated by ';') for the group entity type.
    Default groupOfUniqueNames
    Examples None available

    standalone.ldap.et.group.objectClassesForCreate

    Description Object classes separated by a semi-colon (;) to use when an entity type is created. If the value of this parameter is the same as the objectClass parameter, you do not need to specify this parameter.
    Default No default value
    Examples None available

    standalone.ldap.et.group.searchBases

    Description Search base or bases to use while searching the entity type. Multiple search bases are separated by semicolon (";"). If search bases are not specified, then VMM will search under the nodes defined in nodeMaps tag. Therefore we can improve performance if we specify search bases, limiting or reducing the number of search bases. If this is a multiple virtual portal environment, the realm definition of the virtual portal overwrites the searchBase for the objectType. To keep virtual portals that do not have a realm assigned to them functional, keep the searchBase in sync with the nodes where you want the search to start.
    Default No default value
    Examples "cn=users1,dc=myco,dc=com;cn=users2,dc=myco,dc=com"

    standalone.ldap.et.personaccount.searchFilter

    Description Search filter to use to search the entity type. VMM uses this filter as an addition during search requests in the environment. This value can be left blank.
    Default No default value
    Examples (objectclass=inetorgperson)

    standalone.ldap.et.personaccount.objectClasses

    Description Should match the objectclass used in the LDAP for type User.
    Default inetorgperson
    Examples None available

    standalone.ldap.et.personaccount.objectClassesForCreate

    Description Object classes, separated by a semi-colon (;), to use when an entity type is created. If the value of this parameter is the same as the objectClass parameter, you do not need to specify this parameter.
    Default No default value
    Examples None available

    standalone.ldap.et.personaccount.searchBases

    Description Search base or bases to use while searching the entity type.
    Default No default value
    Examples None available


    8.3. Group member attributes

    standalone.ldap.gm.groupMemberName

    Description LDAP attribute used as the group member attribute.
    Default uniqueMember
    Examples None available

    standalone.ldap.gm.objectClass

    Description Group object class containing the member attribute. If not defined, the member attribute applies to all group object classes
    Default groupOfUniqueNames
    Examples groupOfNames
    groupOfUnqiueNames

    standalone.ldap.gm.scope

    Description The scope of the member attribute.
    Default direct
    Examples None available

    standalone.ldap.gm.dummyMember

    Description If you create a group without specifying a member, a dummy member will be filled in to avoid creating an exception about missing a mandatary attribute. For Novell eDirectory servers, Oracle Directory Server and Windows Active Directory, the value has to be empty or point to an existing entry in the LDAP directory.
    Default uid=dummy
    Examples None available


    8.4. Default parent, RDN attribute

    standalone.ldap.personAccountParent

    Description Default parent to be set for the entity type PersonAccount.
    Default No default value
    Examples None available

    standalone.ldap.groupParent

    Description Default parent to be set for the entity type Group.
    Default No default value
    Examples None available

    standalone.ldap.personAccountRdnProperties

    Description RDN attribute name for the entity type PersonAccount. To reset all the values of the rdnProperties parameter, specify a blank string ("").
    Default uid
    Examples None available

    standalone.ldap.groupRdnProperties

    Description RDN attribute name for the entity type Group. To reset all the values of the rdnProperties parameter, specify a blank string ("").
    Default cn
    Examples None available


    8.5. Advanced Properties for Group configuration

    standalone.ldap.gc.name

    Description The name of the membership attribute.
    Default No default value
    Examples None available

    standalone.ldap.gc.updateGroupMembership

    Description This value updates the group membership if the member is deleted or renamed. Some LDAP servers, such as Domino server, do not clean up the membership of the user when a user is deleted or renamed. If you choose these LDAP server types in the ldapServerType property, the value of this parameter is set to true. Use this parameter to change the value.
    Default No default value
    Examples None available

    standalone.ldap.gc.scope

    Description Scope of the member attribute.
    Default direct
    Examples None available

    standalone.ldap.derefAliases

    Description This value controls how aliases are dereferenced.
    Default always
    Examples None available

    standalone.ldap.authentication

    Description This value indicates the authentication method to use.
    Default simple
    Examples None available

    standalone.ldap.referral

    Description This value indicates how the LDAP server should handle referrals to other LDAP servers.
    Default ignore
    Examples None available

    standalone.ldap.delimiter

    Description Delimiter used for this realm.
    Default /
    Examples None available

    standalone.ldap.ignoreCase

    Description Whether the query matches case sensitivity. Not used during node federation to DMGR with WAS when LDAP security is enabled.
    Default true
    Examples None available

    standalone.ldap.sslEnabled

    Description Whether secure socket communication is enabled to the LDAP server. When enabled (true), the SSL settings for LDAP are used.
    Default false
    Examples None available

    standalone.ldap.sslConfiguration

    Description Name of the application server SSL configuration (such as mySSLconfig) to be used for SSL enabled LDAP server. Application Server SSL configuration names can be found in WAS Administrative console at Security-SSL certificate and key management. Specify a non default SSL configuration if federated.ldap.sslEnabled is set to true.
    Default No default value
    Examples None available

    standalone.ldap.certificateMapMode

    Description Whether to map X.509 certificates into a LDAP directory by exact distinguished name or certificate filter. Certificate filter to use for the mapping, if client certificate authentication is used for portal server. If certificate filter is selected standalone.ldap.certificateFilter need to be configured accordingly.
    Default EXACT_DN
    Examples None available

    standalone.ldap.certificateFilter

    Description This filter is used to map attributes in the client certificate to entries within the LDAP repository. Specifies the filter certificate mapping property (use CERTIFICATE_FILTER as value for standalone.ldap.certificateMapMode) for the LDAP filter if client certificate authentication is used for portal server.
    Default No default value
    Examples uid=${SubjectCN}

    standalone.ldap.reuseConnection

    Description Should be set to true by default to reuse the LDAP connection. Not used during node federation to DMGR with WebSphere Application Server when LDAP security is enabled.
    Default true
    Examples None available

    standalone.ldap.searchTimeLimit

    Description Search time limit measured in milliseconds.
    Default 120000
    Examples None available

    standalone.ldap.connectionPool

    Description Whether to use the connection pool.
    Default false
    Examples None available

    standalone.ldap.connectTimeout

    Description Connection timeout measured in seconds.
    Default 0
    Examples None available

    standalone.ldap.supportSorting

    Description This value indicates if sorting is supported or not.
    Default false
    Examples None available

    standalone.ldap.supportPaging

    Description This value indicates if paging is supported or not.
    Default false
    Examples None available

    standalone.ldap.supportTransactions

    Description This value indicates if transactions are supported or not.
    Default false
    Examples None available

    standalone.ldap.isExtIdUnique

    Description Specifies if the external ID is unique.
    Default true
    Examples None available

    standalone.ldap.supportExternalName

    Description This value indicates if external names are supported or not.
    Default false
    Examples None available

    standalone.ldap.translateRDN

    Description This value indicates to whether to translate RDN or not.
    Default false
    Examples None available

    standalone.ldap.searchCountLimit

    Description Search count limit.
    Default 500
    Examples None available

    standalone.ldap.searchPageSize

    Description Search page size, which is the number of entries per page.
    Default No default value
    Examples None available

    standalone.ldap.returnToPrimaryServer

    Description This value indicates to return to the primary LDAP server when it is available.
    Default true
    Examples None available

    standalone.ldap.primaryServerQueryTimeInterval

    Description This value indicates the polling interval for testing the primary server availability. The value of this parameter is specified in minutes.
    Default No default value
    Examples None available

    standalone.ldap.loginProperties

    Description The property name used for the login.
    Default uid
    Examples None available

    standalone.ldap.cp.maxPoolSize

    Description Maximum number of context instances that can be maintained concurrently by the context pool.
    Default 20
    Examples None available


    8.6. LDAP attribute configuration

    To update or validate the stand-alone LDAP attribute configuration, provide values for the following properties. The following configuration tasks use the LDAP attribute configuration properties: wp-validate-standalone-ldap-attribute-config and wp-update-standalone-ldap-attribute-config

    standalone.ldap.attributes.nonSupported

    Description This value is a comma separated list of attributes that will be added/removed from the list of nonsupported attributes
    Default No default value
    Examples None available

    standalone.ldap.attributes.nonSupported.delete

    Description If true, then the attributes in federated.ldap.nonSupported will be deleted from the list of nonsupported attributes, else they will be added.
    Default No default value
    Examples None available

    standalone.ldap.attributes.mapping.ldapName

    Description Name of the attribute in the LDAP server.
    Default No default value
    Examples None available

    standalone.ldap.attributes.mapping.portalName

    Description Name of the attribute in portal.
    Default No default value
    Examples None available

    standalone.ldap.attributes.mapping.entityTypes

    Description This value is the list of entityTypes the mapping should be applied to.
    Default PersonAccount,Group
    Examples None available


    8.7. Standalone custom user registry configuration

    The following properties require values only if you have a custom user registry (CUR) that update. The properties are used with the following configuration tasks: wp-modify-cur-security and wp-update-standalone-cur

    standalone.cur.id

    Description This ID specifies a unique identifier for the repository within the cell. Characters that are not allowed in normal XML strings ( & < > " ' ) cannot be used in the repository ID.
    Default testCur
    Examples None available

    standalone.cur.baseDN

    Description CUR base entry.
    Default No default value
    Examples None available

    standalone.cur.realm

    Description Security context of this server.
    Default No default value
    Examples None available

    standalone.cur.delimiter

    Description Delimiter used for this realm.
    Default /
    Examples None available

    standalone.cur.adapterClassName

    Description Implementation class name for the repository adapter.
    Default No default value
    Examples None available

    standalone.cur.WasAdapterClassName

    Description Implementation class name for the WebSphere custom user registry adapter.
    Default No default value
    Examples None available

    standalone.cur.propertyName

    Description This value is a custom property name-value pair. A custom property will only be added if the standalone.cur.propertyName is defined.
    Default No default value
    Examples None available

    standalone.cur.propertyValue

    Description This value is a custom property name-value pair. A custom property will only be added if the standalone.cur.propertyName is defined.
    Default No default value
    Examples None available

    standalone.cur.primaryAdminId

    Description WAS admin user ID. The ID must exist in a custom user repository.
    Default No default value
    Examples None available

    standalone.cur.primaryAdminPassword

    Description Password for the WAS admin user ID. The ID must exist in a custom user repository.
    Default No default value
    Examples None available

    standalone.cur.primaryPortalAdminId

    Description WebSphere Portal admin user ID. The ID must exist in the custom user repository.
    Default No default value
    Examples None available

    standalone.cur.primaryPortalAdminPassword

    Description Password for the WebSphere Portal admin user ID. The ID must exist in the custom user repository.
    Default No default value
    Examples None available

    standalone.cur.primaryPortalAdminGroup

    Description User group with administrative permission in portal. The group must exist in the custom user repository.
    Default No default value
    Examples None available

    standalone.cur.personAccountParent

    Description Default parent to be set for the entity type PersonAccount.
    Default No default value
    Examples None available

    standalone.cur.groupParent

    Description Default parent to be set for the entity type Group.
    Default No default value
    Examples None available

    standalone.cur.personAccountRdnProperties

    Description RDN attribute name for the entity type PersonAccount. To reset all the values of the rdnProperties parameter, specify a blank string ("").
    Default uid
    Examples None available

    standalone.cur.groupRdnProperties

    Description RDN attribute name for the entity type Group. To reset all the values of the rdnProperties parameter, specify a blank string ("").
    Default cn
    Examples None available

    standalone.cur.isExtIdUnique

    Description Specifies if the external ID is unique.
    Default true
    Examples None available

    standalone.cur.supportExternalName

    Description This value indicates if external names are supported or not.
    Default false
    Examples None available

    standalone.cur.supportPaging

    Description This value indicates if paging is supported or not.
    Default false
    Examples None available

    standalone.cur.supportSorting

    Description This value indicates if sorting is supported or not.
    Default false
    Examples None available

    standalone.cur.supportTransactions

    Description This value indicates if transactions are supported or not.
    Default false
    Examples None available


    9. VMM property extension database properties


    Property extension database was previously called the lookaside database. The property extension database stores additional attributes that cannot be stored in the LDAP user registry. Database modification tasks of VMM need a connection to a running server instance. Check to make sure the server is running. The properties are used with the following tasks: wp-configure-la-complete and wp-add-la-property

    la.JdbcProviderName

    Description Name of JDBC provider portal uses to communicate with its databases. To keep federated.db.JdbcProviderName in sync for the same database type, la.JdbcProviderName and federated.db.JdbcProviderName must be different for different database types
    Default vmmdbJDBC
    Examples None available

    la.DbType

    Description Type of database to be used for the VMM property extension database domain.
    Default db2
    Examples None available

    la.DbUrl

    Description Federated domain database URL for information about supported values. Please check wkplc_comp.properties.
    Default jdbc:db2:vmmladb
    Examples None available

    la.DbName

    Description Name of the VMM property extension database. Should also appear as the database element in DbUrl. Verify that you point to the same database. For non-Windows platforms when using DB2, this value is the TCPIP Alias for the database. For DB2 and DB2 for z/OS, this value cannot exceed 8 characters and can only contain letters and numbers. Refer to the database documentation for more information. For DB2, this value must be different from the value of dbdomain.XDbName. If you change the name of the WebSphere Portal data source due to a database migration, manually update this property in the portal_server_root/config/wpconfig_dbdomain.properties file to maintain the proper resource reference mapping.
    Default vmmladb
    Examples Community: comm
    Customization: cust
    Feedback: fdbkdb
    JCR: jcrdb
    LikeMinds: lmdb
    Release: release
    VMM: vmmdb

    la.DataSourceName

    Description Name of the datasource to be used for VMM Federated DB domain.
    Default vmmladbDS
    Examples None available

    la.DbUser

    Description Database administrator user ID. This value is specific to DB2.
    Default db2admin
    Examples None available

    la.DbPassword

    Description Database administrator password
    Default ReplaceWithYourDbAdminPwd
    Examples None available


    9.1. Advanced properties

    la.DbSchema

    Description This value is the VMM property extension database domain database schema name. Follow the documentation of the target database management system in order to define a valid schema name as restrictions apply for some database management systems.
    Default federate
    Examples None available

    la.DbNameOnZos

    Description Required for DB2 for z/OS and OS/390 only. If we are running DB2 for z/OS as remote database, this value is the name of the remote VMM property extension database. If portal is running on z/OS and db2 for z/OS is on the same server, this value must be set equal to DbName value.
    Default WPSTST02
    Examples None available

    la.XDbName

    Description Required for Non-Windows platforms when using DB2 locally (on the same server) and DB2 is using the Type 2 JDBC driver. The VMM property extension database alias that needs to be set to use the create-database task.
    Default wps6TCP
    Examples None available

    la.DbNode

    Description Required for Non-Windows platforms when using DB2 only. Node for the VMM property extension domain database and needs to be set to use the create-database task.
    Default wpsNode
    Examples None available

    la.DbStorageGroup

    Description Required for DB2 for z/OS and OS/390 only. Storage group for the VMM property extension database for the Web Content Management JCR.
    Default WPSSG
    Examples None available

    la.DbVolumes

    Description Required for DB2 for z/OS and OS/390 only. Volumes for the VMM lookaside database.
    Default *
    Examples None available

    la.DbVcat

    Description Required for DB2 for z/OS and OS/390 only. This value is the VCAT for the VMM property extension database.
    Default DSN910
    Examples None available

    la.Db4KBufferPoolName

    Description Required for DB2 for z/OS and OS/390 only. This value is the 4K bufferpool name for the VMM property extension database.
    Default BP0
    Examples None available

    la.Db32KBufferPoolName

    Description Required for DB2 for z/OS and OS/390 only. This value is the 32K bufferpool name for the VMM property extension database.
    Default BP32K
    Examples None available


    9.2. Create property extension tables

    la.reportSqlError

    Description Whether to report SQL errors while setting up databases.
    Default true
    Examples None available

    la.entityRetrievalLimit

    Description Specifies the maximum number of entities that the system can retrieve from the database with a single database query.
    Default 50
    Examples None available


    9.3. Add a property

    Properties used by tasks...

    ...require a secure connection to the dmgr. Check...

    ..and verify...

    If we are using a remote telnet or ssh connection, set...

    Example values:

    la.providerURL

    Description Remote endpoint where the portal server or dmgr installation is available. Check the value for localhost:port The port should point to the bootstrap Port of WebSphere_Portal or dmgr. dmgr is used in a cluster environment
    Default corbaloc:iiop:localhost:10031
    Examples corbaloc:iiop:dmgr.example.com:9809

    la.propertyName

    Description Name of the property that we are adding.
    Default No default value
    Examples email, dept

    la.entityTypes

    Description List of entity types that the new property is applicable to.
    Default No default value
    Examples None available

    la.dataType

    Description Data type for your property extension database.
    Default No default value
    Examples None available

    la.multiValued

    Description Whether the property can contain multiple attributes or not.
    Default No default value
    Examples None available

    repositoryId

    Description Only used for the wp-add-property task. Adding a property to VMM configuration of a repository does not add the property to the LDAP system. List of repositories that the new property will be added to. The list of repositories must be separated by a comma. Leave the value blank to add the property to all repositories.
    Default No default value
    Examples None available


    10. VMM LDAP entity type configuration

    Provide values for the following properties if create, delete, or add and LDAP entity type configuration. The properties are used with the following #DOC.SECTION.DESCRIPTION.3 =configuration tasks: wp-create-ldap-entitytype, wp-delete-ldap-entitytype, and wp-add-ldap-entitytype-rdn

    et.ldap.id

    Description LDAP server ID.
    Default No default value
    Examples myLDAPServer

    et.entityTypeName

    Description Name of the entity type to create, update, or delete.
    Default No default value
    Examples None available

    et.objectClass

    Description Specifies a semi-colon (;) delimited list of object classes to be added.
    Default No default value
    Examples groupOfUniqueNames

    et.searchFilter

    Description Search filter to use to search the entity type.
    Default No default value
    Examples a filter like departmentNumber=1234 would only allow objects with this department number to be a valid search result

    et.objectClassesForCreate

    Description Specifies a semi-colon (;) delimited list of object classes to use when an entity type is created. If the value of this parameter is the same as the objectClass parameter, you do not need to specify this parameter.
    Default No default value
    Examples groupOfUniqueNames

    et.searchBases

    Description Search base or bases to use while searching the entity type.
    Default No default value
    Examples o=fooo=bar

    et.rdnName

    Description Specifies additional attributes for the wp-add-ldap-entitytype-rdn task. The attribute name used to build the relative distinguished name (RDN) for the entity type.
    Default No default value
    Examples None available

    et.ldap.referral

    Description Specifies additional attributes for the wp-add-ldap-entitytype-rdn task. This value indicates how the LDAP server should handle referrals to other LDAP servers.
    Default ignore
    Examples None available

    et.ldap.host

    Description
    Default No default value
    Examples None available


    11. VMM supported entity types configuration

    The wp-update-entitytype task updates the entity type 'entityTypeName' with the value of defaultParent and adds the RDN attribute to the existing list. The wp-set-entitytype task updates the entity type 'entityTypeName' with the value of defaultParent and adds the RDN attribute as only entry in the RDN list

    entityTypeName

    Description Name of the entity type.
    Default No default value
    Examples None available

    defaultParent

    Description Specifies the base entry name that will be used as default parent for the given entity type.
    Default No default value
    Examples None available

    rdnProperties

    Description Specifies the RDN attribute name for the supported entity type in the entity domain name. To reset all the values of the rdnProperties parameter, specify a blank string ("").
    Default cn
    Examples None available

    updatePumaSearchBase

    Description Whether the default search attribute for users and groups in PUMA Store Service should also be updated.
    Default false
    Examples None available


    11.1. Update the defaultParent of the entity types Group and PersonAccount

    The wp-update-entitytypes task updates the defaultParent of the entity types Group and PersonAccount and adds the RDN attributes to the existing list. The wp-set-entitytypes task updates the defaultParent of the entity types Group and PersonAccount and adds the RDN attributes as only entry in the RDN list

    personAccountParent

    Description Default parent of the entity type PersonAccount.
    Default No default value
    Examples None available

    groupParent

    Description Default parents of the entity type Group.
    Default No default value
    Examples None available

    personAccountRdnProperties

    Description Specifies the RDN attribute name for the entity type PersonAccount. To reset all the values of the rdnProperties parameter, specify a blank string ("").
    Default uid
    Examples None available

    groupRdnProperties

    Description Specifies the RDN attribute name for the entity type Group. To reset all the values of the rdnProperties parameter, specify a blank string ("").
    Default cn
    Examples None available


    11.2. Group member attribute configuration

    If the group member attribute does not exist, it will be created. The following properties are used with the wp-update-ldap-groupmember and wp-delete-ldap-groupmember tasks.

    gm.ldap.id

    Description LDAP server ID.
    Default No default value
    Examples None available

    gm.groupMemberName

    Description LDAP attribute used as the group member attribute.
    Default No default value
    Examples uniqueMember
    Member

    gm.objectClass

    Description Group object class containing the member attribute. If not defined, the member attribute applies to all group object classes
    Default No default value
    Examples groupOfNames
    groupOfUnqiueNames

    gm.scope

    Description Scope of the member attribute.
    Default No default value
    Examples None available

    gm.dummyMember

    Description If you create a group without specifying a member, a dummy member will be filled in to avoid creating an exception about missing a mandatary attribute. For Novell eDirectory servers, Oracle Directory Server and Windows Active Directory, the value has to be empty or point to an existing entry in the LDAP directory.
    Default No default value
    Examples None available


    11.3. Create group member configuration

    The following properties are used with the wp-create-ldap-groupconfig task.

    gc.ldap.id

    Description LDAP server ID.
    Default Stand-alone
    Examples None available

    gc.name

    Description Name of the membership attribute.
    Default ibm-allGroups
    Examples:

    • IBM Tivoli Directory Server: ibm-allGroups
    • IBM Lotus Domino: no example available
    • IBM SecureWay Security Server: no example available
    • Novell eDirectory: no example available
    • Oracle Directory Server: no example available
    • Windows Active Directory: memberOf

    gc.updateGroupMembership

    Description This value updates the group membership if the member is deleted or renamed. Some LDAP servers, such as Domino server, do not clean up the membership of the user when a user is deleted or renamed. If you choose these LDAP server types in the ldapServerType property, the value of this parameter is set to true. Use this parameter to change the value.
    Default false
    Examples None available

    gc.scope

    Description Scope of the member attribute.
    Default nested
    Examples None available


    11.4. Context pool

    The following properties are used with the wp-update-ldap-contextpool task.

    cp.ldap.id

    Description LDAP server used for the context pool.
    Default No default value
    Examples None available

    cp.maxPoolSize

    Description Specifies the maximum number of context instances that can be maintained concurrently by the context pool.
    Default No default value
    Examples None available


    11.5. Realm configuration

    The following properties are used to in multiple realm configuration tasks. If no realm name is specified, the default realm will be updated

    1. The wp-create-realm tasks uses the following properties: realmName, addBaseEntry, securityUse, and delimiter

    2. The wp-update-realm task uses the following properties: realmName, securityUse, and delimiter

    3. The wp-delete-realm task uses the following property: deleteRealmName

    4. The wp-default-realm task uses the following property: defaultRealmName

    5. The wp-add-realm-baseentry task uses the following properties: realmName and addBaseEntry

    6. The wp-delete-realm-baseentry task uses the following properties: realmName and deleteBaseEntry

    7. The wp-query-realm-baseentry task uses the following property: realmName

    8. The wp-modify-realm-defaultparents task uses the following properties: realmName, realm.personAccountParent, realm.groupParent, and realm.orgContainerParent

    9. The wp-modify-realm-enable-dn-login task uses the following property: realmName

    10. The wp-modify-realm-disable-dn-login task uses the following property: realmName

    realmName

    Description Name of the realm to be created or updated. If no realm name is given, the default realm will be updated.
    Default No default value
    Examples None available

    addBaseEntry

    Description Name of base entry to be added to the realm.
    Default No default value
    Examples None available

    securityUse

    Description Set whether this virtual realm will be used in security now, later, or never.
    Default active
    Examples None available

    delimiter

    Description Delimiter used for this realm.
    Default /
    Examples None available

    defaultRealmName

    Description Name of the new default realm.
    Default No default value
    Examples None available

    deleteBaseEntry

    Description Name of the base entry to be deleted from the realm.
    Default No default value
    Examples None available

    realm.personAccountParent

    Description Default parents to be set for the entity type PersonAccount. The realm entered in realmName will be used to perform the change.
    Default No default value
    Examples None available

    realm.groupParent

    Description Default parents to be set for the entity type Group. The realm entered in realmName will be used to perform the change.
    Default No default value
    Examples None available

    realm.orgContainerParent

    Description Default parents to be set for the entity type OrgContainer. The realm entered in realmName will be used to perform the change.
    Default No default value
    Examples None available


    11.6. Base entry configuration

    The following properties are used by the wp-create-base-entry, wp-update-base-entry, and wp-delete-base-entry. When running the wp-update-base-entry task, if the base entry does not exist, the task will create the entry.

    id

    Description Specifies the ID of the repository, where the base entry will be created, updated, or deleted. When a base entry is created, it will automatically be added to the default realm.
    Default No default value
    Examples None available

    baseDN

    Description Name of the base entry to be created, updated, or deleted.
    Default No default value
    Examples None available

    nameInRepository

    Description Distinguished name in the repository that uniquely identifies the base entry name. In most cases this should be the same as baseDN.
    Default No default value
    Examples ou=admins,dc=myco,dc=com


    11.7. Change administrative users

    The following properties are used by the wp-change-was-admin-user and wp-change-portal-admin-user tasks. The wp-change-portal-admin-user task will also change the admin group if the ID is set.

    newAdminId

    Description New ID of the administrative user. The "short name" for this new ID should not be identical to the original admin user ID. The user ID cannot contain a space for example, user ID. On Windows, if the user ID contains a space, place quotes around the fully qualified user ID before running the task. On UNIX, if the fully qualified user ID contains a space, place the fully qualified user ID in the properties file or into a parent properties file instead entering it as a flag on the command line.

    For example, create a parent properties file called mysecurity.properties, enter the fully qualified user ID and then run the task:

      ./ConfigEngine.sh task_name -DparentProperties=/opt/mysecurity.properties.

    Default No default value
    Examples:

    • Development configuration without security: PortalAdminId=wpsadmin
    • IBM Tivoli Directory Server: { uid=,cn=users,dc=myco,dc=com }
    • IBM Lotus Domino: { cn=,o=myco.com }
    • Novell eDirectory { uid=,ou=people,o=myco.com }
    • Oracle Directory Server : { uid=,ou=people,o=myco.com }
    • Windows Active Directory: { cn=,cn=users,dc=myco,dc=com }
    • Windows Active Directory-Lightweight-Directory-Services : { cn=,cn=users,dc=myco,dc=com }
    • Windows when the fully qualified user ID contains a space: "cn=wpsadmin,cn=users,l=SharedLDAP,c=US,ou=Lotus,o=Software Group,dc=ibm,dc=com"

    newAdminPw

    Description New password of the administrative user.
    Default No default value
    Examples None available

    newAdminGroupId

    Description New ID of the portal administrative group.
    Default No default value
    Examples None available


    11.8. Change attribute configuration

    The wp-update-attribute-config task sets the overall required and unsupported properties.

    user.attributes. required

    Description New (comma separated) list of attributes required for user creation
    Default sn
    Examples None available

    user.attributes.nonsupported

    Description New (comma separated) list of attributes that will be ignored by portal.
    Default certificate,identifier
    Examples None available


    11.9. Restore VMM security

    The following properties are used with the wp-restore-default-repository-configuration task.

    restore.file.realm

    Description Specifies the realm name to be used. A realm with this name will be created.
    Default federatedRealm
    Examples None available

    restore.file.delimiter

    Description Delimiter used for this realm.
    Default /
    Examples None available

    restore.file.primaryAdminId

    Description Specifies the ID (shortname) of the WAS administrative user. The ID must exist in a user repository.
    Default adminUID
    Examples None available

    restore.file.primaryAdminPassword

    Description Password (shortname) of the WAS administrative user.
    Default adminPWD
    Examples None available

    restore.file.primaryPortalAdminGroup

    Description User group (short name) with administrative permission in portal. The group must exist in the LDAP server.
    Default adminGroupCN
    Examples None available


    11.10. Community Isolation and external users

    The following properties are used with the wp-configure-community-isolation and wp-configure-external-users task.

    communityIsolation.enabled

    Description Whether or not the boolean flag should enable community isolation (peer groups).
    Default false
    Examples None available

    externalUsers.enabled

    Description Whether or not the boolean flag should enable or disable external users.
    Default false
    Examples None available

    externalUsers.parentDN

    Description Parent DN for new external users.
    Default No default value
    Examples ou=externalUsers,o=defaultWIMFileBasedRealm


    12. Additional properties for internal use only

    AdditionalPropertiesToFilter

    Description Do not change the value of this attribute unless specifically directed to do so by IBM Support
    Default newAdminPw
    Examples None available

    wps.userdir

    Description Do not change the value of this attribute unless specifically directed to do so by IBM Support.
    Default PortalServer
    Examples None available


    Parent: Configuration properties reference