+

Search Tips   |   Advanced Search

Prepare an Active Directory server

To use Active Directory as an LDAP user registry, install and set up the server so that it can communicate with IBM WebSphere Portal.

  1. To install and configure Active Directory:

    1. Install Windows Server version 2008 or 2012, which includes Active Directory. Refer to http://www.microsoft.com/windows2000/technologies/directory/ad/default.asp for information.

    2. Install the necessary Service Packs.

    3. Use the Windows Server documentation to install Internet Information Services (IIS). Use IIS to export server certificates. It must be installed before we install Certificate Services.

    4. Use the Windows Server documentation to install Certificate Services if you plan on using Active Directory over SSL.

  2. Create the WebSphere Portal administrative user:

    1. Create a user with the Windows administrative tools.

      There is a 20 character limitation for the user account name.

    2. Set the password for the new user.

    3. Activate the new user with the Windows administrative tools. Set the msDS-UserAccountDisabled attribute to false.

  3. To enable SSL for Active Directory; this step sets passwords during sign-up and user creation:

    1. Install an Enterprise certificate authority on a Windows Domain Controller. It installs a certificate on a server or a third-party certificate on the Domain Controller.

    2. Click Start > All Programs > Administrative Tools > Active Directory Users and Computer.

    3. In the Active Directory Users and Computers window, right-click on the domain name and select Properties.

    4. In the Domain Properties dialog box, select the Group Policy tab.

    5. Select the Default Domain Policy group policy and then click Edit.

    6. Select Windows Settings under Computer Configuration.

    7. Select Security Settings and then select Public Key Policies.

    8. Select Automatic Certificate Request Settings.

    9. Use the wizard to add a policy for Domain Controllers.

      When these requirements are complete, all domain controllers request a certificate and support LDAP over SSL with port 636.


Parent Prepare the user registry software