Update the federated LDAP user registry on i

After creating and using the LDAP user registry in the default federated repository, you may find that LDAP user registry is not working exactly as you would like. You can update the LDAP user registry and make the necessary changes. For example, you can change LDAP Bind password.

In single server environments, you do not have to start or stop the WebSphere_Portal and server1 servers to complete the following steps. In clustered environments, stop all application servers on system, including WebSphere_Portal, then start the nodeagent and dmgr servers before you begin any of the following steps.

To update the LDAP user registry in the default federated repository: The wp-update-federated-ldap task does not modify the administrative users, the entity types, the LDAP entity types, the LDAP group membership attributes, the LDAP group configuration, or the LDAP context pool. See the separate tasks for updating these parameters. Use the wp_add_federated_xxx.properties helper file, located in...

...when performing this task to ensure the correct properties are entered. In the instructions below, when the step refers to wkplc.properties, you will use wp_add_federated_xxx.properties helper file.

  1. Edit WP_PROFILE/ConfigEngine/properties/wkplc.properties

  2. Enter the following parameters in wkplc.properties under the Federated LDAP repository heading to identify the existing LDAP user registry that you want to update:

        federated.ldap.id
        federated.ldap.host
        federated.ldap.baseDN
        federated.ldap.ldapServerType

  3. Update the following required parameters in wkplc.properties under the Federated LDAP repository heading:

        federated.ldap.port
        federated.ldap.bindDN
        federated.ldap.bindPassword

  4. Save changes to wkplc.properties.

  5. Run the ConfigEngine.sh validate-federated-ldap -DWasPassword=foo task to validate LDAP server settings.

    If you have not deleted the default file repository, WasPassword is the value entered during installation and not a value found in LDAP user registry. During the validation task, you may receive the following prompt: Add signer to the trust store now?. Press y then Enter.

  6. Run the ConfigEngine.sh wp-update-federated-ldap -DWasPassword=foo task, from the WP_PROFILE/ConfigEngine, to update the LDAP user registry in the default federated repository.

  7. Stop and restart the appropriate servers to propagate the changes.

If you created clustered environment then performed the steps in this task, now run the update-jcr-admin task on the secondary node. See Enable LDAP security after cluster creation for instructions.


Parent

Update user registry on i


Related tasks


Start and stop servers, dmgrs, and node agents
Enable LDAP security after cluster creation

 


+

Search Tips   |   Advanced Search