Prepare an IBM Directory Server
To use an IBM Directory Server as an LDAP user registry, install and set up the server so that it communicates with IBM WebSphere Portal.
- Install IBM Directory Server. Refer to the IBM Directory Server Installation and Configuration Guide for instructions.
Restriction: The distinguished name of a user or group must not contain a Turkish uppercase dotted I or lowercase dotted i. Such a character prevents that user or group from being retrieved correctly.
- Complete the following steps with the IBM Directory Server web administration tool to create the WebSphere Portal administrative user:
  - To create a directory suffix:
    - Click the Server Administration folder in the directory server console navigation.
    - Click the Manage Server Properties folder under the Server Administration folder and then select Suffixes on the main page.
    - Type the Base DN name for the suffix; for example: dc=myco,dc=com.
    - Click Add.
    - Click OK to save the changes.
  - To create the WebSphere Portal administrative user:
    - Open the appropriate LDIF file in the PORTAL_HOME/installer/wp.iim/ldif directory, with a text editor:
      - Use the PortalUsers.ldif file as a working example and adapt appropriately to work with the LDAP server.
      - Use the ContentUsers.ldif file for the IBM Content Manager group and user ID if we configured IBM Content Manager.
    - Replace every dc=myco,dc=com with the suffix.
    - Replace any prefixes and suffixes unique to the LDAP server.
    - We can specify user names other than wpsadmin and wpsbind. For security reasons, specify nontrivial passwords for these administrator accounts.
    - If we use Security Access Manager Version 5.1, set the objectclasses to accessGroup. If we use Security Access Manager Version 6, set the objectclasses to groupOfNames.
    - Save the changes.
    - Complete the instructions provided with our directory server to import the LDIF file.
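
A pre-import check for the adapted LDIF file, added here as an example and not part of the IBM documentation or product: it applies the suffix replacement from the steps above, then flags a leftover dc=myco,dc=com, a password that equals the account name or is shorter than an assumed 12 characters, and a Turkish uppercase dotted I in a DN. The sample entries, the function names and the length threshold are assumptions.

```python
import base64
import re

PLACEHOLDER = "dc=myco,dc=com"  # example suffix used on this page
MIN_LEN = 12                    # assumed password-length policy, not from the page

# Constructed, abbreviated sample entries; not the shipped PortalUsers.ldif.
SAMPLE = """\
dn: uid=wpsadmin,cn=users,dc=myco,dc=com
uid: wpsadmin
cn: wps admin
userpassword: wpsadmin

dn: uid=wpsbind,cn=users,dc=myco,dc=com
uid: wpsbind
userpassword: Tr4ck-lantern-quilt-09
"""

def adapt(text, suffix):
    """Replace every occurrence of the placeholder suffix (case-insensitive)."""
    return re.sub(re.escape(PLACEHOLDER), lambda m: suffix, text, flags=re.I)

def entries(text):
    """Yield each LDIF entry as {attribute: [values]}, decoding base64 values."""
    text = re.sub(r"\n ", "", text)  # unfold continuation lines
    for block in re.split(r"\n\s*\n", text.strip()):
        entry = {}
        for line in block.splitlines():
            m = re.match(r"([^:#]+):(:?)\s*(.*)", line)
            if m:
                value = base64.b64decode(m[3]).decode("utf-8") if m[2] else m[3]
                entry.setdefault(m[1].lower(), []).append(value)
        yield entry

def lint(text):
    """Return (dn, problem) pairs to resolve before importing the file."""
    out = []
    for e in entries(text):
        dn = e.get("dn", ["?"])[0]
        if any(PLACEHOLDER in v.lower() for vs in e.values() for v in vs):
            out.append((dn, "placeholder suffix not replaced"))
        if "\u0130" in dn:  # covers only the uppercase dotted I of the restriction
            out.append((dn, "Turkish uppercase dotted I in DN"))
        names = {v.lower() for k in ("uid", "cn") for v in e.get(k, [])}
        for pw in e.get("userpassword", []):
            if pw.lower() in names or len(pw) < MIN_LEN:
                out.append((dn, "trivial password"))
    return out
```

Run `lint(adapt(text, suffix))` on the edited file and import it only when the returned list is empty.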