Set up IBM SecureWay Security Server for z/OS and OS/390

 


 

Use this information to set up SecureWay Security Server as your LDAP server.

 

Overview

This topic contains information on creating a new portal administrative user in SecureWay Security Server and configuring a secure connection to the LDAP server. Use the following steps as a guide to set up the environment.

 

Create a new user as the portal administrator

Creating a new user for Windows and UNIX

Use the following steps if the portal administrative user does not exist in SecureWay Security Server. These directions also assume that you are creating a new directory suffix for this user. If you already have a directory suffix, skip steps 1 through 3 and begin with step 4:

  1. In the SecureWay Security Server console, click the Server Administration folder on the left-hand navigation. Click the Manage Server Properties folder underneath it, and then click on the Suffixes link on the right-hand side of the main page.

  2. Type the name of the Base DN to be used as the suffix, for example, dc=yourco,dc=com. Click Add to add the suffix.

  3. When you are finished adding the suffix, click OK to save your changes.

  4. Stop and start the LDAP server.

  5. If you choose to use the LDIF file, locate PortalUsers.ldif in the root directory on the CD Setup, and open it in a text editor.

    Notes:

    • The PortalUsers.ldif file is provided as a working example and needs to be adapted appropriately to work with your LDAP server.

    • If you have configured IBM DB2 Content Manager, there is a separate LDIF file. Use ContentUsers.ldif for the DB2 Content Manager group and user IDs.

  6. Replace all occurrences of dc=yourco,dc=com with the suffix that you are using. Also, replace any prefixes and suffixes that are unique to the LDAP server. You can specify user names other than wpsadmin and wpsbind if you want. For security reasons, you should specify non-trivial passwords for these administrator accounts because it is easier to specify them now than to change them after installation. Save the changes.

  7. Follow the instructions provided with the SecureWay Security Server to import PortalUsers.ldif.

    Importing the PortalUsers.ldif file could overwrite existing user data.

  8. Stop and restart the LDAP server.

  9. After the portal installation, if you did not specify non-trivial passwords for the administrator IDs in the LDIF file, IBM recommends that you change the passwords for these user IDs. See Change passwords for instructions.

Creating a new user for i5/OS

You will need to create a portal administrative user if one does not already exist. It is assumed that you are creating a new directory suffix for this user. If you already have a directory suffix, you can skip the instructions for creating one.

  1. For instructions on how to create a suffix, read Add suffixes to the LDAP directory server.

  2. Stop and start the LDAP server. Skip this step if you did not just create a directory suffix for the portal administrative user.

  3. If you choose to use the LDIF file, locate PortalUsers.ldif in the root directory on the CD Setup, and open it in a text editor.

    1. Replace all occurrences of dc=yourco,dc=com with the suffix that you are using.

    2. Also, replace any prefixes and suffixes that are unique to the LDAP server. You can specify user names other than wpsadmin and wpsbind if you want.

    3. Pre-Portal installation: For security reasons, you should specify non-trivial passwords for these administrator accounts because it is easier to specify them now than to change them after installation.

      Post-portal installation: If you did not specify non-trivial passwords for the administrator IDs in the LDIF file, IBM recommends that you change the passwords for these user IDs. Follow the instructions in Change passwords.

    4. For instructions on how to import LDIF files, read Import an LDIF file.

For additional information on the SecureWay Security Server, refer to the topic in the System i5 information center.

 

Example of the SecureWay Security Server structure

The following schema is an example for SecureWay Security Server and is referenced throughout the documentation for consistency. The example below is designed to help you determine the appropriate values when configuring WebSphere Portal to work with your specific directory layout. The values shown match the default values for this LDAP. If you have an existing schema that varies from this example, replace the example values with your own values. For instance, cn is shown as the group prefix; replace cn with the group prefix for your schema.

SecureWay Security Server

  • LDAP suffix="dc=yourco,dc=com"

  • user prefix="uid"

  • user suffix="cn=users"

  • group prefix="cn"

  • group suffix="cn=groups"

  • Portal administrator DN="uid=wpsadmin,cn=users,dc=yourco,dc=com"

  • Portal administrator group="cn=wpsadmins,cn=groups,dc=yourco,dc=com"
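
The following added example (not part of the IBM documentation or of the PortalUsers.ldif file) shows one way to check an adapted LDIF file before importing it: it replaces the example suffix and reports entries that still contain dc=yourco,dc=com or carry a trivial password. The sample LDIF is constructed from the DNs listed above, and the definition of "trivial" (password equal to the entry's uid or cn, or shorter than 12 characters) is an assumption.

```python
import re

EXAMPLE_SUFFIX = "dc=yourco,dc=com"  # placeholder suffix used throughout the page
# Constructed sample for illustration; NOT the contents of the real PortalUsers.ldif.
SAMPLE_LDIF = """\
dn: uid=wpsadmin,cn=users,dc=yourco,dc=com
objectclass: inetOrgPerson
uid: wpsadmin
cn: wpsadmin
userpassword: wpsadmin

dn: uid=wpsbind,cn=users,dc=yourco,dc=com
objectclass: inetOrgPerson
uid: wpsbind
cn: wpsbind
userpassword: Tr7#qLw9!vXe2$Ka

dn: cn=wpsadmins,cn=groups,dc=yourco,dc=com
objectclass: groupOfUniqueNames
cn: wpsadmins
uniquemember: uid=wpsadmin,cn=users,dc=yourco,dc=com
"""

def adapt_suffix(ldif, new_suffix):
    """Replace every occurrence of the example suffix, in DNs and in values."""
    return ldif.replace(EXAMPLE_SUFFIX, new_suffix)

def parse_entries(ldif):
    """Split LDIF on blank lines; assumes single-line, cleartext 'attr: value' pairs."""
    for block in re.split(r"\n\s*\n", ldif.strip()):
        attrs = {}
        for line in block.splitlines():
            if ":" in line and not line.startswith("#"):
                key, value = line.split(":", 1)
                attrs.setdefault(key.strip().lower(), []).append(value.strip())
        yield attrs

def audit(ldif, min_len=12):
    """Return (dn, problem) pairs. Assumed meaning of 'trivial' password:
    equal to the entry's uid or cn, or shorter than min_len characters."""
    findings = []
    for attrs in parse_entries(ldif):
        dn = attrs.get("dn", ["?"])[0]
        if any(EXAMPLE_SUFFIX in v.lower() for vals in attrs.values() for v in vals):
            findings.append((dn, "example suffix not replaced"))
        names = {v.lower() for k in ("uid", "cn") for v in attrs.get(k, [])}
        for pw in attrs.get("userpassword", []):
            if pw.lower() in names or len(pw) < min_len:
                findings.append((dn, "trivial password"))
    return findings
```

Run audit() on the edited file's text before the import step; an empty list means no example suffix and no trivial password remain under these assumptions.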

 
