Windows cluster: Configure WebSphere Portal to use dynamic groups in a clustered environment

By default, WebSphere Portal is enabled for static groups. However, the Virtual Member Manager (VMM) allows users to be members of either static or dynamic groups. Static groups are those where a persistent binding exists between a group and its members. Dynamic groups are those where a search query is defined to retrieve the members of a group. If you have LDAP server configured to use dynamic groups, complete the steps in this task for WebSphere Portal to use dynamic group queries when you setup LDAP server.

Perform the required tasks to configure either a stand-alone or federated LDAP server security.

The steps in this task use groupOfURLs as the object class for dynamic groups and memberURL as the dynamic membership attribute. The actual values for object classes and dynamic membership attributes can vary depending on LDAP server. For this reason, you should export an LDIF file to verify the object classes and dynamic membership attributes. Either refer to LDAP documentation or ask LDAP administrator for instructions on exporting an LDIF file.

Perform the following steps on the Deployment Manager then synchronize the nodes.

To configure WebSphere Portal to use dynamic groups, do the following:

  1. Choose the appropriate set of steps, depending on LDAP server environment:

    Steps for enabling dynamic groups

    LDAP server environment Steps to perform
    Stand-alone LDAP server or federated LDAP server(s)

    1. cd WP_PROFILE/cells/cell_name/wim/config.

    2. Locate and open wimconfig.xml with any text editor.

    3. Add the following line to the <config:groupConfiguration> tag:

        <config:dynamicMemberAttributes name="memberurl" objectClass="groupofurls"/>

    4. Save and close wimconfig.xml.

    Federated LDAP server(s)

    1. Log in to the administration console.

    2. Select Security -> Secure administration, applications, and infrastructure.

    3. Under Available realm definitions, select Federated repositories and click Configure.

    4. Under Related Items, click Manage repositories.

    5. Select the appropriate repository from the list.

    6. Under Additional Properties, click Group attribute definition then click Dynamic member attributes.

    7. Click New and specify values for the Name and Object class fields as appropriate. For example,

      • Name: memberurl

      • Object class: groupofurls

    8. Click OK and save the changes to the master configuration.

  2. Stop and restart the appropriate servers to propagate the changes.


Parent

Choose the user registry model on Windows in a clustered environment

 


+

Search Tips   |   Advanced Search