Preparing an Active Directory server
on i5/OS
If you plan to use Active Directory as
an LDAP user registry, install and set up the server so that it will
communicate with IBM® WebSphere® Portal Express.
Perform the following steps to prepare Active Directory:
- Customize the LDAP directory servers settings
using the Directory Services Configuration Wizard. You must have *ALLOBJ and *IOSYSCFG special
authority to use the wizard. See Directory Services (LDAP) for information.
- Run the ldapsearch -h hostname -s
base objectclass=* task on the LDAP server command line to verify
that the server is installed and working properly.
- Perform the following steps as a guide to
create the WebSphere Portal Express administrative
user:
- Create a new user with the Windows administrative
tools. Note: There is a 20 character limitation for the user account
name.
- Set the password for the new user.
- Activate the new user with the Windows administrative
tools. Set the msDS-UserAccountDisabled attribute to false.
- Perform the following steps to enable SSL for Active Directory; this step is required
to set passwords during sign up and user creation:
- Install an Enterprise Certificate Authority on a Windows 2000
Domain Controller, which installs a certificate on a server or install a third-party
certificate on the Domain Controller.
- Click .
- In the Active Directory Users
and Computers window, right-click on your domain name and select Properties.
- In the Domain Properties dialog box, select the Group
Policy tab.
- Select the Default Domain Policy group
policy and then click Edit.
- Select Windows Settings under Computer
Configuration.
- Select Security Settings and then select Public
Key Policies.
- Select Automatic Certificate Request Settings.
- Use the wizard to add a policy for Domain Controllers. Note: When these requirements are complete, all domain controllers request
a certificate and support LDAP over SSL using port 636.
Parent topic: Preparing user registries on i5/OS
|
|
|
Portal, Express Beta Version 6.1