Change from a stand-alone repository to a federated repository on i

If you originally configured a standalone LDAP user registry but find that you need a more robust security configuration, you can change to the federated user repository.

In single server environments, you do not have to start or stop the WebSphere_Portal and server1 servers to complete the following steps. In clustered environments, stop all application servers on system, including WebSphere_Portal, then start the nodeagent and dmgr servers before you begin any of the following steps.

Change from a standalone LDAP user registry to a federated repository: Use the wp_security_federated.properties helper file, located in...

...when performing this task to ensure the correct properties are entered. In the instructions below, when the step refers to wkplc.properties, you will use wp_security_federated.properties helper file.

  1. Edit WP_PROFILE/ConfigEngine/properties/wkplc.properties

  2. Required: Enter a value under VMM Federated repository properties:

        federated.primaryAdminId
        federated.realm
        federated.serverId
        federated.serverPassword

  3. Save changes to wkplc.properties.

  4. Run the ConfigEngine.sh wp-modify-federated-security -DWasPassword=foo -Dskip.ldap.validation=true task, from the WP_PROFILE/ConfigEngine, to change the configuration to use a federated repository.

  5. Stop and restart the appropriate servers to propagate the changes.

If you created clustered environment then performed the steps in this task, now run the update-jcr-admin task on the secondary node. See Enable LDAP security after cluster creation for instructions.


Parent

Update user registry on i


Related tasks


Start and stop servers, dmgrs, and node agents
Enable LDAP security after cluster creation

 


+

Search Tips   |   Advanced Search