WebSphere Portal, Express Beta Version 6.1
Operating systems: i5/OS, Linux, Windows

Updating the LDAP user registry on Windows

After creating and using the LDAP user registry in the default federated repository, you may find that your LDAP user registry is not working exactly as you would like. You can easily update the LDAP user registry and make the necessary changes.

Perform the following steps to update the LDAP user registry in the default federated repository:

  1. Use a text editor to open the wkplc.properties file, located in the wp_profile\ConfigEngine\properties directory.
  2. Update the following required parameters in the wkplc.properties file under the Federated LDAP repository heading:

    1. For federated.ldap.id, type the unique ID for the LDAP user registry.
    2. For federated.ldap.host, type the hostname of the primary LDAP server.
    3. For federated.ldap.port, type the port number for the LDAP server.
    4. For federated.ldap.bindDN, type the user ID that binds WebSphere Application Server to the LDAP server to retrieve user attributes for authentication. Leave blank to make the LDAP server read-only and to allow anonymous access to the LDAP server. Note: Type the value in lower case, regardless of the case used in the distinguished name.
    5. For federated.ldap.bindPassword, type the password for the LDAP bind user ID. If federated.ldap.bindDN is blank, this parameter must also be blank.
    6. For federated.ldap.ldapServerType, type the appropriate value for your LDAP server. Note: If your LDAP server version is not listed, enter the value for the highest listed version of your server.
    7. For federated.ldap.baseDN, type the distinguished name of the base entry.
  3. Optional: Update the following optional parameters in the wkplc.properties file under the Federated LDAP repository heading:

    1. For federated.ldap.adapterClassName, type the adapter class name.
    2. For federated.ldap.supportSorting, type true to support sorting or false to not support sorting.
    3. For federated.ldap.supportTransaction, type true to support transactions or false to not support transactions.
    4. For federated.ldap.isExtIdUnique, type true if the external ID is unique or false if the external ID is not unique.
    5. For federated.ldap.supportExternalName, type true if the external names are supported or false if external names are not supported.
    6. For federated.ldap.supportPaging, type true if paging is supported or false if paging is not supported.
    7. For federated.ldap.authentication, type the authentication method for your user registry.
    8. For federated.ldap.referral, indicate how to handle LDAP referrals; the default value is ignore.
    9. For federated.ldap.derefAliases, indicate how to dereference aliases; the default value is always.
    10. For federated.ldap.connectionPool, type a value for the connection pool; the default value is false.
    11. For federated.ldap.connectTimeout, type a numeric value to specify the number of seconds after which the connection will time out.
    12. For federated.ldap.translateRDN, type true to translate the RDN or false to not translate the RDN.
    13. For federated.ldap.default, type true to set the default values for the remaining parameters or false to enter the remaining parameters manually.
  4. Optional: Update the following parameters to enable search features for your LDAP server:

    1. For federated.ldap.searchPageSize, type a numeric value to specify the search page size.
    2. For federated.ldap.searchCountLimit, type a numeric value to specify the count limit.
    3. For federated.ldap.searchTimeLimit, type a numeric value to specify the number of seconds after which the search will time out.
  5. Optional: Update the following parameters to enable Secure Sockets Layer (SSL):

    1. For federated.ldap.sslEnabled, type true to enable SSL communication with the LDAP server.
    2. For federated.ldap.sslConfig, enter a value for the SSL configurations.
    3. For federated.ldap.certificateMapMode, type EXACT_DN to map X.509 certificates into an LDAP directory by exact distinguished name or certificatefilter to map X.509 certificates by a certificate filter. Note: If you type certificatefilter, enter a value in federated.ldap.certificateFilter.
    4. For federated.ldap.certificateFilter, if federated.ldap.certificateMapMode is set to certificatefilter, enter the LDAP filter that maps attributes in the client certificate to entries in the LDAP directory.
  6. Save your changes to the wkplc.properties file.
  7. Run the ConfigEngine.bat validate-federated-ldap task to validate your LDAP server settings.
  8. Run the ConfigEngine.bat wp-update-ldap task, located in the wp_profile\ConfigEngine directory, to add an LDAP user registry to the default federated repository.
  9. Perform the following steps to stop and restart the server1 and WebSphere_Portal servers:

    1. Open a command prompt and change to the wp_profile_root\bin directory.
    2. Enter the stopServer.bat server1 -user admin_userid -password admin_password command to stop the WebSphere Application Server.
    3. Enter the stopServer.bat WebSphere_Portal -user admin_userid -password admin_password command to stop the WebSphere Portal Express server.
    4. Enter the startServer.bat server1 command.
    5. Enter the startServer.bat WebSphere_Portal command.
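
The following pre-check is an added example, not part of the original topic or of IBM's tooling: it reads the federated.ldap.* entries from wkplc.properties text and reports violations of the rules stated in steps 2 through 5 before you run validate-federated-ldap. The function names and all sample values (host, DNs, server type, password) are assumptions constructed for illustration.

```python
PREFIX = "federated.ldap."
REQUIRED = ["id", "host", "port", "ldapServerType", "baseDN"]
NUMERIC = ["port", "connectTimeout", "searchPageSize",
           "searchCountLimit", "searchTimeLimit"]

# Constructed sample; every value is a placeholder, not a real deployment.
SAMPLE = """\
federated.ldap.id=corp_ldap
federated.ldap.host=ldap.example.com
federated.ldap.port=389
federated.ldap.bindDN=CN=Binder,DC=example,DC=com
federated.ldap.bindPassword=constructed-secret
federated.ldap.ldapServerType=PLACEHOLDER_SERVER_TYPE
federated.ldap.baseDN=dc=example,dc=com
federated.ldap.connectTimeout=20s
federated.ldap.sslEnabled=false
federated.ldap.certificateMapMode=certificatefilter
"""

def parse_properties(text):
    """Parse key=value lines, skipping blanks and # or ! comments."""
    props = {}
    for line in map(str.strip, text.splitlines()):
        if line and line[0] not in "#!":
            key, _, value = line.partition("=")  # DN values keep their '='
            props[key.strip()] = value.strip()
    return props

def check_federated_ldap(props):
    """Return findings for the rules the procedure states."""
    get = lambda name: props.get(PREFIX + name, "")
    out = [f"{PREFIX}{n}: required parameter is empty"
           for n in REQUIRED if not get(n)]
    out += [f"{PREFIX}{n}: expected a numeric value"
            for n in NUMERIC if get(n) and not get(n).isdigit()]
    bind_dn = get("bindDN")
    if bind_dn != bind_dn.lower():
        out.append(f"{PREFIX}bindDN: type the value in lower case")
    if not bind_dn and get("bindPassword"):
        out.append(f"{PREFIX}bindPassword: must be blank when bindDN is blank")
    if not bind_dn:
        out.append(f"{PREFIX}bindDN: blank, so access is anonymous and read-only")
    elif get("sslEnabled").lower() != "true":
        out.append(f"{PREFIX}sslEnabled: bind DN configured but SSL is not enabled")
    if (get("certificateMapMode").lower() == "certificatefilter"
            and not get("certificateFilter")):
        out.append(f"{PREFIX}certificateFilter: required for certificatefilter mode")
    return out

if __name__ == "__main__":
    print("\n".join(check_federated_ldap(parse_properties(SAMPLE))))
```

The checks cover only the constraints written in this topic; the validate-federated-ldap task remains the authoritative test against the live LDAP server.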
Parent topic: Updating your user registry on Windows