
Properties file: wkplc.properties


1. About the properties file

When specifying values:

WasSoapPort

Description Port used to connect to the WAS with remote connections.
Default 10005
Examples None available

WasRemoteHostName

Description Name of host running the deployment manager server process.
Default @your_host_name@
Examples None available

RegistrySynchronized

Description Tells the system if the registry is synchronized or not. Set to false to force a synchronization.
Default true
Examples None available


2. General properties


2.1. WAS properties

Provide information about the WAS used in the WebSphere Portal stack.

VirtualHostName

Description Name of the WAS virtual host.
Default default_host
Examples None available

WasUserid

Description User ID for WAS security authentication. Type the value in lower case, regardless of the case used in the DN. For an LDAP configuration this value cannot contain spaces. For an LDAP configuration this should be the fully qualified DN of a current administrative user for the WAS. For a configuration using a Virtual Manager User Registry database, the short version of the distinguished name must be used.
Default wpsadmin
Examples:

  • Custom User Registry: { wpsbind }
  • IBM Tivoli Directory Server: { uid=wpsbind,cn=users,dc=myco,dc=com }
  • IBM Lotus Domino: { cn=wpsbind,o=myco.com }
  • Oracle Directory Server: { uid=wpsbind,ou=people,o=myco.com }
  • Novell eDirectory: { uid=wpsbind,ou=people,o=myco.com }
  • Windows Active Directory: { cn=wpsbind,cn=users,dc=myco,dc=com }
  • Windows Active Directory-Lightweight-Directory-Services: { cn=wpsbind,cn=users,dc=myco,dc=com }

WasPassword

Description Password for the user ID specified for WAS security authentication. The WasPassword parameter can be specified in this file or we can pass it on the command line using the -DWasPassword string.
Default ReplaceWithYourWASUserPwd
Examples None available

WasHome

Description Directory where WAS product files are installed. Set based on user input during installation.
Default @was.root@
Examples
  • AIX: /usr/WebSphere/AppServer
  • IBM i: /QIBM/UserData/WebSphere/AppServer
  • Linux: /opt/WebSphere/AppServer
  • Solaris: /opt/WebSphere/AppServer
  • Windows: c:/WebSphere/AppServer

WasUserHome

Description Directory where WAS user data (profile) is created. Set based on user input during installation.
Default @was.user.root@
Examples
  • AIX: /usr/WebSphere/profile
  • IBM i: /QIBM/UserData/WebSphere/AppServer/V8/ND/profiles/profile
  • Linux: /opt/WebSphere/profile
  • Solaris: /opt/WebSphere/profile
  • Windows: c:/WebSphere/profile

    CellName

    Description Name of the WAS cell where the WAS is located.
    Default @CellName@
    Examples None available

    NodeName

    Description Node within the WAS cell where the WAS is located. This value must be unique among other node names in the same cell. Typically this value is the same as the host name for the computer.
    Default @NodeName@
    Examples None available

    ServerName

    Description Name of the application server where the WebSphere Portal application is deployed. This value must be unique among other application server names in the same cell.
    Default WebSphere_Portal
    Examples None available

    WasAdminServer

    Description Name of the application server for administration. For IBM i, if the WAS profile was created with a different WAS administrative server name, you should change this value to reflect that.
    Default server1
    Examples server1

    LTPAPassword

    Description Password to encrypt and decrypt the LTPA keys.
    Default No default value
    Examples None available

    wasJvmBitType

    Description This value is a Solaris specific property that specifies whether to use the 64 bit or 32 bit JVM.
    Default sparc32
    Examples 32 bit JVM: sparc32, x86, or ia32
    64 bit JVM: sparc64 or x64


    2.2. WebSphere Portal configuration properties

    Provide basic information about WebSphere Portal, such as installation directory, port numbers, user IDs and passwords, and more.

    WpsInstallLocation

    Description Directory where WebSphere Portal is installed.
    Default c:/IBM/WebSphere/Portal
    Examples
  • AIX: /usr/IBM/WebSphere/PortalServer
  • IBM i: /QIBM/ProdData/WebSphere/PortalServer/V7
  • Linux: /opt/IBM/WebSphere/PortalServer
  • Solaris: /opt/IBM/WebSphere/PortalServer
  • Windows: c:/IBM/WebSphere/PortalServer

    WpsHostName

    Description Fully qualified WebSphere Portal host name or the name of the Web server that WAS is configured to use. Set by the installation program based on user input during installation.
    Default localhost
    Examples In the following example, machinename is the WpsHostName value:

      http://machinename:80/wps/portal

    WpsHostPort

    Description Transport port number used to access the host machine identified by the WpsHostName property.
    Default 80
    Examples In the following example 80 is the WpsHostPort value:

      http://localhost:80/wps/portal

    PortalAdminId

    Description User ID for the WebSphere Portal administrator. Set based on user input during installation. The user ID cannot contain a space: for example, user ID. The user ID cannot be longer than 200 characters.

    Some tasks require the fully qualified user ID. If this parameter is provided via -D on the command line and the ID contains a space, for example:

      cn=wpsadmin,cn=users,l=SharedLDAP,c=US,ou=Lotus,o=Software Group,dc=ibm, dc=com,

    ...then place the ID in the properties file or into a parent properties file instead of as a flag on the command line.

    For example, create a file called mysecurity.properties, enter the fully qualified user ID, and then run...

      ./ConfigEngine.sh task_name -DparentProperties=/opt/mysecurity.properties
    Default wpsadmin
    Examples:

    • No security: PortalAdminId=wpsadmin
    • IBM Tivoli Directory Server: { uid=,cn=users,dc=myco,dc=com }
    • IBM Lotus Domino: { cn=,o=myco.com }
    • Novell eDirectory: { uid=,ou=people,o=myco.com }
    • Oracle Directory Server: { uid=,ou=people,o=myco.com }
    • Windows Active Directory: { cn=,cn=users,dc=myco,dc=com }
    • Windows Active Directory-Lightweight-Directory-Services: { cn=,cn=users,dc=myco,dc=com }

    PortalAdminPwd

    Description Password for the WebSphere Portal administrator. Set based on user input during installation. The password cannot contain a space, for example, pass word. The password cannot be longer than 128 characters.
    Default No default value
    Examples None available

    PortalAdminGroupId

    Description Group ID for the WebSphere Portal administrator group. Set based on user input during installation.
    Default wpsadmins
    Examples:

    • IBM Tivoli Directory Server: { cn=portaladmingroupid,cn=groups,dc=myco,dc=com }
    • Lotus Domino: { cn=portaladmingroupid }
    • Windows Active Directory: { cn=portaladmingroupid,cn=groups,dc=myco,dc=com }
    • Windows Active Directory-Lightweight-Directory-Services: { cn=portaladmingroupid,cn=groups,dc=myco,dc=com }
    • Oracle Directory Server: { cn=portaladmingroupid,ou=groups,o=myco.com }
    • Novell eDirectory Portal: { cn=portaladmingroupid,ou=groups,o=myco.com }
    • Custom user registry: cn=wpsadmins,o=default organization
    • Development configuration without security: wpsadmins

    PortalUniqueID

    Description Used for the object ID creation mechanism. Has to be different for each node. The ID is 12 hex digits that are unique to this WebSphere Portal instance. Usually a MAC address from a communications adapter on this node. Nodes running on one machine can have the same PortalUniqueID.
    Default 00054E48AA0C
    Examples None available


    WpsContextRoot

    Description WebSphere Portal context root or base URI. All URLs beginning with this path will be reserved for WebSphere Portal. The value of this property is part of the URL used to access WebSphere Portal from a browser.
    Default wps
    Examples In the following example, wps is the WpsContextRoot value:

      http://localhost:80/wps/portal

    WpsHostBasePort

    Description Required for IBM i only. Port block that will be used for the WebSphere Portal Server.
    Default 10000
    Examples None available

    SMFLibrary

    Description Required for z/OS only. The library where the ifaedjreg.jar file resides.
    Default No default value
    Examples None available

    SMFNativeLibrary

    Description Required for z/OS only. This value is the library where the SMF DLLs reside.
    Default No default value
    Examples None available

    ServerShortName

    Description Required for z/OS only. Server's jobname, as specified in the MVS START command JOBNAME parameter. JOBNAME is the name of the task or script that runs when the server is running. MVS (Multiple Virtual Storage) is the name of the operating system that runs on the mainframe. This value is also passed as a parameter to the server's start procedures to specify the location of the server's configuration files and identify the server to certain WebSphere for z/OS-exploited z/OS facilities (for example, SAF).
    Default BBOS002
    Examples SAF

    ClusterTransitionName

    Description Required for z/OS only. Cluster transition name of the WLM APPLENV (WLM application environment) name for this server.
    Default BBOC002
    Examples None available

    WpsSMPEHomeDirectory

    Description Required for z/OS only. This value is the location of the SMP/E installation image for the WebSphere Portal SMP/E package.
    Default No default value
    Examples None available

    TransferDomainList

    Description Required for database transfer. List of database domains that will be transferred by the database-transfer process. Should not be altered except to include or exclude specific domains from the transfer process.
    Default release,community,customization,jcr,feedback,likeminds
    Examples None available


    3. WebSphere Portal cluster properties

    The following properties are used if you have a clustered environment.

    ClusterName

    Description Cluster name to use when creating the cluster. Do not use spaces or special characters in the cluster name.
    Default PortalCluster
    Examples None available

    PushFrequency

    Description Time, in seconds, to wait before pushing new or modified cache entries to other servers. Enter a value of 1 or greater.
    Default 1
    Examples None available

    ReplicationType

    Description Global sharing policy for this application server. Cache entries are not shared among different appservers. Only invalidation events are sent among servers in the replication domain.
    Default NONE
    Examples None available

    PrimaryNode

    Description Specifies whether we are on the primary node or not.
    Default true
    Examples None available


    4. Step-up authentication properties

    Step-up authentication enables you to require a stronger level of authentication to access certain pages and assets than the authentication that the client used when initially entering the portal site.

    sua_user

    Description Key which is used to encrypt the Cookie information. The value does not need to match to a real user.
    Default No default value
    Examples myname

    sua_serversecret_password

    Description Encryption key for the information used in the RememberMe cookie, which is part of the step-up authentication. This does not need to be an existing password.

    For example, we can use mypassword as the value.

    Default No default value
    Examples None available

    enable_rememberme

    Description Whether the Remember me cookie should be enabled when the enable-stepup-authentication task is run.
    Default true
    Examples None available

    disable_rememberme

    Description Whether the Remember me cookie should be disabled when the disable-stepup-authentication task is run.
    Default true
    Examples None available


    5. Virtual portal configuration properties

    Configuration tasks that use the virtual portal configuration properties include: create-virtual-portal, delete-virtual-portal, modify-virtual-portal, list-all-virtual-portals

    VirtualPortalTitle

    Description Title of the Virtual Portal.
    Default No default value
    Examples None available

    VirtualPortalRealm

    Description Realm used for the virtual portal defined in VirtualPortalTitle.
    Default No default value
    Examples None available

    VirtualPortalHostName

    Description DNS name of the virtual portal. The virtual portal can be referenced by the DNS name instead of the URL prefix. When the value is left blank, a virtual portal will use the common DNS name for all portals.
    Default No default value
    Examples None available

    VirtualPortalContext

    Description Unique portal context. If the host name parameter, VirtualPortalHostName, is set, the portal context is ignored. A virtual portal can be accessed either by a DNS/Host name or by a URL prefix. When both a DNS/Host name and URL prefix are provided, the DNS/Host name will be used for VirtualPortalContext.
    Default No default value
    Examples None available

    VirtualPortalNlsFile

    Description An optional file which contains language specific information for the Virtual Portal. Create an NLS file to specify additional titles and descriptions in other languages for the Virtual Portal. Descriptions can only be provided in an NLS file. Do not use prefixes in that NLS file. If you do not specify an NLS file, the Virtual Portal is created with the title that you give as the value to the VirtualPortalTitle parameter only. Titles and descriptions are not created for other languages. However, if we specify an NLS file, the value given for the virtual portal title in the NLS file overrides the value that you provide for the VirtualPortalTitle property. To create a description for the virtual portal, you have to specify this in an NLS file. To modify the title or description of the Virtual Portal, add the new title and description to the NLS file.
    Default No default value
    Examples None available

    VirtualPortalObjectId

    Description Object ID of the virtual portal. The object ID is required to modify and delete Virtual Portals. To determine what this value is, run the following task: list-all-virtual-portals. Do not delete the default Virtual Portal. The Object ID for the default Virtual Portal ends with _0.
    Default No default value
    Examples None available


    6. General security properties

    ignoreDuplicateIDs

    Description Set to true to recover from an incomplete LDAP repository creation if the repository cannot be deleted.
    Default false
    Examples None available

    trimSpaces

    Description Set to false and add the attribute to the security ANT target in order to contain trailing spaces of attributes defined in this file.
    Default true
    Examples None available


    7. Federated security properties


    7.1. Add or update an LDAP

    Use the properties in this section to create (wp-create-ldap) or update (wp-update-federated-ldap) the LDAP configuration in virtual member manager (VMM). If we are updating the LDAP configuration, the federated.ldap.id and federated.ldap.host must match the repository to update.

    federated.ldap.id

    Description Unique identifier for the repository within the cell. During an update, this value must match the ID of the repository to be updated. Characters that are not allowed in normal XML strings ( & < > " ' ) cannot be used in the repository ID. Should be no longer than 36 characters.
    Default No default value
    Examples None available

    federated.ldap.host

    Description Host name of the primary LDAP server. This host name is either an IP address or a DNS name. During an update, this value must match the ID of the repository to be updated.
    Default No default value
    Examples None available

    federated.ldap.port

    Description LDAP server port.
    Default 389
    Examples None available

    federated.ldap.bindDN

    Description Distinguished name for the application server to use when binding to the LDAP repository.
    Default No default value
    Examples None available

    federated.ldap.bindPassword

    Description Password for the application server to use when binding to the LDAP repository.
    Default No default value
    Examples None available

    federated.ldap.ldapServerType

    Description Type of LDAP server to which you connect.
    Default No default value
    Examples IDS

    federated.ldap.baseDN

    Description LDAP base entry.
    Default No default value
    Examples ou=admins,dc=myco,dc=com


    7.1.1. Group and PersonAccount entity types

    The supported entity types are Group and PersonAccount. Group entity type:

    PersonAccount entity type:


    7.1.2. LDAP properties for Group member attributes

    Provide information used to add or update the federated LDAP Group member attributes.

    federated.ldap.et.group.searchFilter

    Description Search filter to use to search for entity type. VMM uses this filter as an addition during search requests in the environment. The syntax is like a standard LDAP searchfilter. If this parameter is blank, VMM will formulate the filter as...

      (&(uid=*)(objectClass=user))
    Default No default value
    Examples (objectclass=groupOfUniqueNames)

    federated.ldap.et.group.objectClasses

    Description Specifies one or more object classes (separated by ';') for the entity type.
    Default groupOfUniqueNames
    Examples None available

    federated.ldap.et.group.objectClassesForCreate

    Description Specifies one or more object classes (separated by ';') to use when an entity type is created. If the value of this parameter is the same as the objectClass parameter, you do not need to specify this parameter.
    Default No default value
    Examples None available

    federated.ldap.et.group.searchBases

    Description Search base or bases to use while searching for entity type. Multiple search bases are separated by semicolon (";"). If search bases are not specified, then VMM will search under the nodes defined in nodeMaps tag. Therefore we can improve performance if we specify search bases, limiting or reducing the number of search bases. If this is a multiple virtual portal environment, the realm definition of the virtual portal overwrites the searchBase for the objectType. To keep virtual portals that do not have a realm assigned to them functional, keep the searchBase in sync with the nodes where you want the search to start.
    Default No default value
    Examples "cn=users1,dc=myco,dc=com;cn=users2,dc=myco,dc=com"

    federated.ldap.et.personaccount.searchFilter

    Description The search filter to use to search the entity type. VMM uses this filter as an addition during search requests in the environment. The syntax is like a standard LDAP searchfilter. If no value is specified for this parameter or if this parameter is blank, VMM will formulate the filter as (&(uid=*)(objectClass=user)).
    Default No default value
    Examples (objectclass=inetOrgPerson)

    federated.ldap.et.personaccount.objectClasses

    Description One or more object classes (separated by ';') for the entity type. Only use those objectclasses that are unique to users: If there are both users and groups with objectclass 'top', then you must not use this object class here.
    Default inetorgperson
    Examples None available

    federated.ldap.et.personaccount.objectClassesForCreate

    Description One or more object classes (separated by ';') to use when an entity type is created. If the value of this parameter is the same as the objectClass parameter, you do not need to specify this parameter.
    Default No default value
    Examples None available

    federated.ldap.et.personaccount.searchBases

    Description Search base or bases to use while searching the entity type. Multiple search bases are separated by semicolon (";"). If search bases are not specified, then VMM will search under the nodes defined in nodeMaps tag. Therefore we can improve performance if we specify search bases, limiting or reducing the number of search bases.
    Default No default value
    Examples "cn=users1,dc=myco,dc=com;cn=users2,dc=myco,dc=com"

    federated.ldap.gm.groupMemberName

    Description LDAP attribute used as the group member attribute.
    Default uniqueMember
    Examples uniqueMember
    Member

    federated.ldap.gm.objectClass

    Description Group object class containing the member attribute. If not defined, the member attribute applies to all group object classes.
    Default groupOfNames
    groupOfUniqueNames

    federated.ldap.gm.scope

    Description Scope of the member attribute.
    Default direct
    Examples None available

    federated.ldap.gm.dummyMember

    Description If you create a group without specifying a member, a dummy member will be filled in to avoid creating an exception about missing a mandatory attribute. For Novell eDirectory servers, Oracle Directory Server and Windows Active Directory, the value has to be empty or point to an existing entry in the LDAP directory.
    Default uid=dummy
    Examples None available


    7.1.3. Advanced properties for Group configuration

    Provide information used to add or update the federated LDAP user registry.

    federated.ldap.gc.name

    Description The name of the membership attribute.
    Default No default value
    Examples None available

    federated.ldap.gc.updateGroupMembership

    Description This value updates the group membership if the member is deleted or renamed. Some LDAP servers, such as Domino server, do not clean up the membership of the user when a user is deleted or renamed. If you choose these LDAP server types in the ldapServerType property, the value of this parameter is set to true. Use this parameter to change the value.
    Default false
    Examples None available

    federated.ldap.gc.scope

    Description Scope of the member attribute.
    Default direct
    Examples None available

    federated.ldap.adapterClassName

    Description Implementation class name for the repository adapter.
    Default com.ibm.ws.wim.adapter.ldap.LdapAdapter
    Examples None available

    federated.ldap.supportSorting

    Description This value indicates if sorting is supported or not.
    Default false
    Examples None available

    federated.ldap.supportTransactions

    Description This value indicates if transactions are supported or not.
    Default false
    Examples None available

    federated.ldap.isExtIdUnique

    Description Specifies if the external ID is unique.
    Default true
    Examples None available

    federated.ldap.supportExternalName

    Description Specifies if external names are supported or not.
    Default false
    Examples None available

    federated.ldap.sslEnabled

    Description Whether secure socket communication is enabled to the LDAP server. When enabled (true), the SSL settings for LDAP are used.
    Default false
    Examples None available

    federated.ldap.sslConfiguration

    Description Name of the application server SSL configuration (such as mySSLconfig) to be used for SSL enabled LDAP server. Application Server SSL configuration names can be found in WebSphere Application Server Administrative console at Security-SSL certificate and key management. Specify a non-default SSL configuration if federated.ldap.sslEnabled is set to true.
    Default No default value
    Examples mySSLconfig

    federated.ldap.certificateMapMode

    Description Whether to map X.509 certificates into an LDAP directory by exact distinguished name or certificate filter. Specify the certificate filter to use for the mapping if client certificate authentication is used for portal server. If certificate filter is selected, standalone.ldap.certificateFilter needs to be configured accordingly.
    Default EXACT_DN
    Examples None available

    federated.ldap.certificateFilter

    Description Filter used to map attributes in the client certificate to entries within the LDAP repository. Specifies the filter certificate mapping property (use CERTIFICATE_FILTER as value for standalone.ldap.certificateMapMode) for the LDAP filter if client certificate authentication is used for portal server.
    Default No default value
    Examples uid=${SubjectCN}

    federated.ldap.supportPaging

    Description This value indicates if paging is supported or not.
    Default false
    Examples None available

    federated.ldap.authentication

    Description This value indicates the authentication method to use.
    Default simple
    Examples None available

    federated.ldap.loginProperties

    Description This value indicates the property name used for login.
    Default uid
    Examples None available

    federated.ldap.referral

    Description This value indicates how the LDAP server should handle referrals to other LDAP servers.
    Default ignore
    Examples None available

    federated.ldap.derefAliases

    Description This value controls how aliases are dereferenced.
    Default always
    Examples None available

    federated.ldap.connectionPool

    Description Whether to use the connection pool.
    Default false
    Examples None available

    federated.ldap.connectTimeout

    Description Connection timeout measured in seconds.
    Default 0
    Examples None available

    federated.ldap.primaryServerQueryTimeInterval

    Description This value indicates the polling interval for testing the primary server availability. The value of this parameter is specified in minutes.
    Default 15
    Examples None available

    federated.ldap.returnToPrimaryServer

    Description This value indicates to return to the primary LDAP server when it is available.
    Default true
    Examples None available

    federated.ldap.searchPageSize

    Description Search page size, which represents the number of entries per page.
    Default No default value
    Examples None available

    federated.ldap.searchCountLimit

    Description Search count limit.
    Default 500
    Examples None available

    federated.ldap.searchTimeLimit

    Description Search time limit measured in milliseconds.
    Default 120000
    Examples None available

    federated.ldap.translateRDN

    Description This value indicates whether to translate RDN or not.
    Default false
    Examples None available

    federated.ldap.cp.maxPoolSize

    Description Maximum number of context instances that can be maintained concurrently by the context pool.
    Default 20
    Examples None available


    7.2. Add or update database

    The following properties are used for creating or updating a database user registry configuration. Database modification tasks of VMM need a connection to a running server instance. Check that the server is running prior to running these tasks: wp-create-db or wp-update-db

    federated.db.DataSourceName

    Description Specifies the JNDI name of the data source used to access the federated database domain.
    Default vmmfeddbDS
    Examples None available

    federated.db.DbType

    Description Type of database to be used for the VMM Federated database domain. For information about supported values, check wkplc_comp.properties.
    Default db2
    Examples None available

    federated.db.DbUrl

    Description Federated domain database URL. For information about supported values, check wkplc_dbdomain.properties. Search for release.DbUrl
    Default jdbc:db2:vmmfeddb
    Examples None available

    federated.db.DbName

    Description Name of the VMM federated database. Should also appear as the database element in DbUrl. Please verify that you point to the same database.
    Default vmmfeddb
    Examples None available

    federated.db.id

    Description This ID specifies a unique identifier for the repository within the cell. Characters that are not allowed in normal XML strings ( & < > " ' ) cannot be used in the repository ID.
    Default vmmDb
    Examples None available

    federated.db.baseDN

    Description Database base entry. This is the start point where all DB entities will be stored under. Verify the uniqueness of this string.
    Default No default value
    Examples None available

    federated.db.DbUser

    Description Database administrator user ID.
    Default db2admin
    Examples None available

    federated.db.DbPassword

    Description Database administrator password.
    Default ReplaceWithYourDbAdminPwd
    Examples None available


    7.2.1. Advanced database properties

    federated.db.JdbcProviderName

    Description Name of the JDBC provider to be used. Keep la.JdbcProviderName in sync for the same database type. la.JdbcProviderName and federated.db.JdbcProviderName must be different for different database types.
    Default vmmdbJDBC
    Examples None available

    federated.db.DbSchema

    Description This value is the VMM Federated domain database schema name. Follow the documentation of the target database server in order to define a valid schema name as restrictions apply for some database management systems.
    Default federate
    Examples None available

    federated.db.DbNameOnZos

    Description Required for DB2 for z/OS and OS/390 only. If running db2_zos as remote database, the name of the remote VMM federated database. If portal is running on z/OS with db2_zos, must be set equal to DbName.
    Default WPSTST02
    Examples None available

    federated.db.XDbName

    Description TCPIP Alias for the database. This property is only required for non-Windows platforms when using DB2 with Type 2 drivers. If we are using Type 4 drivers, this value is not used. It defines the federated database alias that needs to be set to call create-database JDBC driver. The database loop back alias that needs to be set if you plan to use the create-local-database-db2 task. The value must be different from the value of dbdomain.DbName. The values for dbdomain.DbName and dbdomain.XDbName must be different in the wpconfig_dbdomain.properties file. For DB2 Content Manager Runtime Edition, this property is the database for tables.
    Default wps6TCP
    Examples Release, Community, Customization, VMM, and the JCR: wps6TCP
    Feedback: fdbk6TCP
    LikeMinds: lmdb6TCP

    federated.db.DbNode

    Description Required for Non-Windows platforms when using DB2 only. Node for the VMM federated domain database and needs to be set to call create-database.
    Default wpsNode
    Examples Release, Community, Customization, JCR, and VMM databases: wpsNode
    Feedback and LikeMinds databases: pznNode

    federated.db.DbStorageGroup

    Description Required for DB2 for z/OS and OS/390 only. Storage group for the VMM federated database.
    Default WPSSG
    Examples None available

    federated.db.DbVolumes

    Description Required for DB2 for z/OS and OS/390 only. Volumes for the VMM federated database.
    Default *
    Examples None available

    federated.db.DbVcat

    Description Required for DB2 for z/OS and OS/390 only. This value is the VCAT for the VMM federated database.
    Default DSN910
    Examples None available

    federated.db.Db4KBufferPoolName

    Description Required for DB2 for z/OS and OS/390 only. This value is the 4K bufferpool name for the VMM federated database.
    Default BP0
    Examples None available

    federated.db.Db32KBufferPoolName

    Description Required for DB2 for z/OS and OS/390 only. This value is the 32K bufferpool name for the VMM federated database.
    Default BP32K
    Examples None available


    7.2.2. Setting up database tables

    Provide information needed to configure tables for the federated database.

    federated.db.reportSqlError

    Description Whether to report SQL errors while setting up databases.
    Default true
    Examples None available

    federated.db.saltLength

    Description This value is the length of the salt which is used when hashing passwords stored in the Member Manager database repository.
    Default 12
    Examples None available

    federated.db.encryptionKey

    Description Encryption key to encrypt the database user registry.
    Default rZ15ws0ely9yHk3zCs3sTMv/ho8fY17s
    Examples rZ15ws0ely9yHk3zCs3sTMv/ho8fY17s

    federated.db.adapterClassName

    Description Implementation class name for the repository adapter.
    Default com.ibm.ws.wim.adapter.db.DBAdapter
    Examples None available

    federated.db.supportSorting

    Description This value indicates if sorting is supported or not.
    Default false
    Examples None available

    federated.db.supportTransactions

    Description This value indicates if transactions are supported or not.
    Default false
    Examples None available

    federated.db.isExtIdUnique

    Description Specifies if the external ID is unique.
    Default true
    Examples None available

    federated.db.supportExternalName

    Description This value indicates if external names are supported or not.
    Default false
    Examples None available

    federated.db.entityRetrievalLimit

    Description Specifies the maximum number of entities that the system can retrieve from the database with a single database query.
    Default 50
    Examples None available


    7.3. Custom user registry properties

    The following properties are used to create or update a custom user registry (CUR) in a federated security configuration. The properties are referenced when the following tasks are run: wp-create-cur and wp-update-federated-cur

    federated.cur.id

    Description This ID specifies a unique identifier for the repository within the cell. Characters that are not allowed in normal XML strings ( & < > " ' ) cannot be used in the repository ID.
    Default No default value
    Examples None available

    federated.cur.adapterClassName

    Description Implementation class name for the repository adapter.
    Default No default value
    Examples None available

    federated.cur.baseDN

    Description CUR base entry.
    Default No default value
    Examples None available

    federated.cur.isExtIdUnique

    Description Specifies if the external ID is unique.
    Default true
    Examples None available

    federated.cur.supportExternalName

    Description This value indicates if external names are supported or not.
    Default false
    Examples None available

    federated.cur.supportPaging

    Description This value indicates if paging is supported or not.
    Default false
    Examples None available

    federated.cur.supportSorting

    Description This value indicates if sorting is supported or not.
    Default false
    Examples None available

    federated.cur.supportTransactions

    Description This value indicates if transactions are supported or not.
    Default false
    Examples None available


    7.3.1. Federated custom user registry (CUR) custom properties

    The following properties and values are used to create a custom property using the wp-create-cur-custom-property task.

    cur.id

    Description ID of the repository, where the custom property will be created.
    Default No default value
    Examples None available

    cur.name

    Description Name of the custom property.
    Default No default value
    Examples None available

    cur.value

    Description Enter the value of the custom property.
    Default No default value
    Examples None available


    7.4. Enable federated repository

    The following properties are used when you run the wp-modify-federated-security task. The task will enable a Federated repository and the existing default realm will be renamed.

    federated.primaryAdminId

    Description ID of the WAS administrative user. The ID must exist in a user repository.
    Default xyzadmin
    Examples:

    • IBM Tivoli Directory Server: { uid=,cn=users,dc=myco,dc=com }
    • IBM Lotus Domino: { cn=,o=myco.com }
    • Novell eDirectory: { uid=,ou=people,o=myco.com }
    • Oracle Directory Server: { uid=,ou=people,o=myco.com }
    • Windows Active Directory: { cn=,cn=users,dc=myco,dc=com }

    federated.realm

    Description Realm name to be used. The existing default realm will be renamed.
    Default No default value
    Examples None available

    federated.serverId

    Description User ID in the repository used for internal process communication.
    Default No default value
    Examples:

    • IBM Tivoli Directory Server: { uid=,cn=users,dc=myco,dc=com }
    • IBM Lotus Domino: { cn=,o=myco.com }
    • Novell eDirectory: { uid=,ou=people,o=myco.com }
    • Oracle Directory Server: { uid=,ou=people,o=myco.com }
    • Windows Active Directory: { cn=,cn=users,dc=myco,dc=com }

    federated.serverPassword

    Description Password for the user ID in the repository used for internal process communication.
    Default No default value
    Examples None available


    7.4.1. Advanced federated repository properties

    federated.registryClassName

    Description Registry class name.
    Default com.ibm.ws.wim.registry.WIMUserRegistry
    Examples None available

    federated.ignoreCase

    Description Whether the query matches case sensitivity. Not used during node federation to DMGR with WAS when LDAP security is enabled.
    Default true
    Examples None available


    7.5. LDAP attribute configuration validation

    The following properties are used with the wp-validate-federated-ldap-attribute-config and wp-update-federated-ldap-attribute-config tasks.

    federated.ldap.attributes.nonSupported

    Description This value is a comma-separated list of attributes that will be added to or removed from the list of nonsupported attributes.
    Default No default value
    Examples None available

    federated.ldap.attributes.nonSupported.delete

    Description If true, then the attributes in federated.ldap.nonSupported will be deleted from the list of nonsupported attributes, else they will be added.
    Default No default value
    Examples None available

    federated.ldap.attributes.mapping.ldapName

    Description Name of the attribute in LDAP.
    Default No default value
    Examples None available

    federated.ldap.attributes.mapping.portalName

    Description Name of the attribute in portal.
    Default No default value
    Examples None available

    federated.ldap.attributes.mapping.entityTypes

    Description This value is the list of entityTypes the mapping should be applied to.
    Default PersonAccount,Group
    Examples None available


    7.6. Delete federated repository properties

    federated.delete.baseentry

    Description Name of the base entry to be deleted from the default realm. If the base entry exists in other realms, it has to be deleted manually first. Leave this empty only to delete the property extension repository.
    Default No default value
    Examples None available

    federated.delete.id

    Description ID of the repository to be deleted from the VMM configuration. This parameter must be set to LA to delete the property extension repository.
    Default No default value
    Examples None available


    8. Standalone security


    8.1. Modify or update the LDAP

    The following properties are used with the wp-modify-ldap-security and wp-update-standalone-ldap tasks.

    standalone.ldap.id

    Description This ID specifies a unique identifier for the repository within the cell. Characters that are not allowed in normal XML strings ( & < > " ' ) cannot be used in the repository ID. Should be no longer than 36 characters.
    Default No default value
    Examples None available

    standalone.ldap.host

    Description Host name of the primary LDAP server. This host name is either an IP address or a DNS name.
    Default No default value
    Examples None available

    standalone.ldap.port

    Description LDAP server port.
    Default No default value
    Examples None available

    standalone.ldap.bindDN

    Description Distinguished name for the application server to use when binding to the LDAP repository.
    Default No default value
    Example cn=root

    standalone.ldap.bindPassword

    Description Password for the application server to use when binding to the LDAP repository.
    Default No default value
    Examples None available

    standalone.ldap.ldapServerType

    Description Type of LDAP server to which you connect.
    Default No default value
    Examples IDS

    standalone.ldap.userIdMap

    Description LDAP filter that maps the short name of a user to an LDAP entry. Not used during node federation to DMGR with WAS LDAP security enabled.
    Default No default value
    Examples The following example displays entries of the object class = inetOrgPerson type by their IDs: inetOrgPerson:uid.

    standalone.ldap.groupIdMap

    Description LDAP filter that maps the short name of a group to an LDAP entry. Piece of information that represents groups when groups display. Use the asterisk (*) as a wildcard character that searches on any object class in this case. Not used during node federation to DMGR with WAS with LDAP security enabled.
    Default No default value
    Examples The following example displays groups by their names: *:cn

    standalone.ldap.groupMemberIdMap

    Description LDAP filter that identifies user-to-group relationships. Specifies which property of an objectclass stores the list of members belonging to the group represented by the objectclass. Not used during node federation to DMGR with WAS LDAP security enabled.
    Default No default value
    Examples None available

    standalone.ldap.userFilter

    Description LDAP user filter that searches the user registry for users. Not used during node federation to DMGR with WAS LDAP security enabled.
    Default No default value
    Examples The following example would be used to look up users based on their user IDs: (&(uid=%v)(objectclass=inetOrgPerson))

    standalone.ldap.groupFilter

    Description LDAP group filter that searches the user registry for groups. Not used during node federation to DMGR with WAS LDAP security enabled.
    Default No default value
    Examples None available

    standalone.ldap.serverId

    Description User ID in the repository used for internal process communication. Not used during node federation to DMGR with WAS LDAP security enabled.
    Default No default value
    Examples:

    • IBM Tivoli Directory Server: { uid=,cn=users,dc=myco,dc=com }
    • IBM Lotus Domino: { cn=,o=myco.com }
    • Novell eDirectory: { uid=,ou=people,o=myco.com }
    • Oracle Directory Server: { uid=,ou=people,o=myco.com }
    • Windows Active Directory: { cn=,cn=users,dc=myco,dc=com }

    standalone.ldap.serverPassword

    Description Password for the user ID in the repository used for internal process communication. Not used during node federation to DMGR with WAS LDAP security enabled.
    Default No default value
    Examples None available

    standalone.ldap.realm

    Description Security context of this server. A realm with this name will be created.
    Default No default value
    Examples None available

    standalone.ldap.primaryAdminId

    Description WAS admin user ID. The ID must exist in the LDAP server.
    Default No default value
    Examples None available

    standalone.ldap.primaryAdminPassword

    Description Password for the WAS admin user ID. The ID must exist in the LDAP server.
    Default No default value
    Examples None available

    standalone.ldap.primaryPortalAdminId

    Description WebSphere Portal admin user ID. The ID must exist in the LDAP server.
    Default No default value
    Examples None available

    standalone.ldap.primaryPortalAdminPassword

    Description Password for the WebSphere Portal admin user ID. The ID must exist in the LDAP server.
    Default No default value
    Examples None available

    standalone.ldap.primaryPortalAdminGroup

    Description User group with administrative permission in portal. The group must exist in the LDAP server.
    Default No default value
    Examples None available

    standalone.ldap.baseDN

    Description LDAP base entry. This is the starting point for all LDAP searches of WAS Security.
    Default No default value
    Examples None available


    8.2. LDAP entity types: properties for entity type Group

    standalone.ldap.et.group.searchFilter

    Description Search filter to use to search the entity type. VMM uses this filter as an addition during search requests in the environment. This value can be left blank. If you leave the value blank, no additional filter is applied and the other VMM configuration is used.
    Default No default value
    Examples (objectclass=groupOfUniqueNames)

    standalone.ldap.et.group.objectClasses

    Description Specifies one or more object classes (separated by ';') for the group entity type.
    Default groupOfUniqueNames
    Examples None available

    standalone.ldap.et.group.objectClassesForCreate

    Description Object classes separated by a semi-colon (;) to use when an entity type is created. If the value of this parameter is the same as the objectClass parameter, you do not need to specify this parameter.
    Default No default value
    Examples None available

    standalone.ldap.et.group.searchBases

    Description Search base or bases to use while searching the entity type. Multiple search bases are separated by semicolon (";"). If search bases are not specified, then VMM will search under the nodes defined in nodeMaps tag. Therefore we can improve performance if we specify search bases, limiting or reducing the number of search bases. If this is a multiple virtual portal environment, the realm definition of the virtual portal overwrites the searchBase for the objectType. To keep virtual portals that do not have a realm assigned to them functional, keep the searchBase in sync with the nodes where you want the search to start.
    Default No default value
    Examples "cn=users1,dc=myco,dc=com;cn=users2,dc=myco,dc=com"

    standalone.ldap.et.personaccount.searchFilter

    Description Search filter to use to search the entity type. VMM uses this filter as an addition during search requests in the environment. This value can be left blank.
    Default No default value
    Examples (objectclass=inetorgperson)

    standalone.ldap.et.personaccount.objectClasses

    Description Should match the objectclass used in the LDAP for type User.
    Default inetorgperson
    Examples None available

    standalone.ldap.et.personaccount.objectClassesForCreate

    Description Object classes, separated by a semi-colon (;), to use when an entity type is created. If the value of this parameter is the same as the objectClass parameter, you do not need to specify this parameter.
    Default No default value
    Examples None available

    standalone.ldap.et.personaccount.searchBases

    Description Search base or bases to use while searching the entity type.
    Default No default value
    Examples None available


    8.3. Group member attributes

    standalone.ldap.gm.groupMemberName

    Description LDAP attribute used as the group member attribute.
    Default uniqueMember
    Examples None available

    standalone.ldap.gm.objectClass

    Description Group object class containing the member attribute. If not defined, the member attribute applies to all group object classes.
    Default groupOfUniqueNames
    Examples groupOfNames
    groupOfUniqueNames

    standalone.ldap.gm.scope

    Description The scope of the member attribute.
    Default direct
    Examples None available

    standalone.ldap.gm.dummyMember

    Description If you create a group without specifying a member, a dummy member will be filled in to avoid an exception about a missing mandatory attribute. For Novell eDirectory servers, Oracle Directory Server and Windows Active Directory, the value has to be empty or point to an existing entry in the LDAP directory.
    Default uid=dummy
    Examples None available


    8.4. Default parent, RDN attribute

    standalone.ldap.personAccountParent

    Description Default parent to be set for the entity type PersonAccount.
    Default No default value
    Examples None available

    standalone.ldap.groupParent

    Description Default parent to be set for the entity type Group.
    Default No default value
    Examples None available

    standalone.ldap.personAccountRdnProperties

    Description RDN attribute name for the entity type PersonAccount. To reset all the values of the rdnProperties parameter, specify a blank string ("").
    Default uid
    Examples None available

    standalone.ldap.groupRdnProperties

    Description RDN attribute name for the entity type Group. To reset all the values of the rdnProperties parameter, specify a blank string ("").
    Default cn
    Examples None available


    8.5. Advanced Properties for Group configuration

    standalone.ldap.gc.name

    Description The name of the membership attribute.
    Default No default value
    Examples None available

    standalone.ldap.gc.updateGroupMembership

    Description This value updates the group membership if the member is deleted or renamed. Some LDAP servers, such as Domino server, do not clean up the membership of the user when a user is deleted or renamed. If you choose these LDAP server types in the ldapServerType property, the value of this parameter is set to true. Use this parameter to change the value.
    Default No default value
    Examples None available

    standalone.ldap.gc.scope

    Description Scope of the member attribute.
    Default direct
    Examples None available

    standalone.ldap.derefAliases

    Description This value controls how aliases are dereferenced.
    Default always
    Examples None available

    standalone.ldap.authentication

    Description This value indicates the authentication method to use.
    Default simple
    Examples None available

    standalone.ldap.referral

    Description This value indicates how the LDAP server should handle referrals to other LDAP servers.
    Default ignore
    Examples None available

    standalone.ldap.delimiter

    Description Delimiter used for this realm.
    Default /
    Examples None available

    standalone.ldap.ignoreCase

    Description Whether the query matches case sensitivity. Not used during node federation to DMGR with WAS when LDAP security is enabled.
    Default true
    Examples None available

    standalone.ldap.sslEnabled

    Description Whether secure socket communication is enabled to the LDAP server. When enabled (true), the SSL settings for LDAP are used.
    Default false
    Examples None available

    standalone.ldap.sslConfiguration

    Description Name of the application server SSL configuration (such as mySSLconfig) to be used for an SSL-enabled LDAP server. Application server SSL configuration names can be found in the WAS Administrative console at Security-SSL certificate and key management. Specify a non-default SSL configuration if federated.ldap.sslEnabled is set to true.
    Default No default value
    Examples None available

    standalone.ldap.certificateMapMode

    Description Whether to map X.509 certificates into an LDAP directory by exact distinguished name or certificate filter. Certificate filter to use for the mapping, if client certificate authentication is used for portal server. If certificate filter is selected, standalone.ldap.certificateFilter needs to be configured accordingly.
    Default EXACT_DN
    Examples None available

    standalone.ldap.certificateFilter

    Description This filter is used to map attributes in the client certificate to entries within the LDAP repository. Specifies the filter certificate mapping property (use CERTIFICATE_FILTER as value for standalone.ldap.certificateMapMode) for the LDAP filter if client certificate authentication is used for portal server.
    Default No default value
    Examples uid=${SubjectCN}

    standalone.ldap.reuseConnection

    Description Should be set to true by default to reuse the LDAP connection. Not used during node federation to DMGR with WebSphere Application Server when LDAP security is enabled.
    Default true
    Examples None available

    standalone.ldap.searchTimeLimit

    Description Search time limit measured in milliseconds.
    Default 120000
    Examples None available

    standalone.ldap.connectionPool

    Description Whether to use the connection pool.
    Default false
    Examples None available

    standalone.ldap.connectTimeout

    Description Connection timeout measured in seconds.
    Default 0
    Examples None available

    standalone.ldap.supportSorting

    Description This value indicates if sorting is supported or not.
    Default false
    Examples None available

    standalone.ldap.supportPaging

    Description This value indicates if paging is supported or not.
    Default false
    Examples None available

    standalone.ldap.supportTransactions

    Description This value indicates if transactions are supported or not.
    Default false
    Examples None available

    standalone.ldap.isExtIdUnique

    Description Specifies if the external ID is unique.
    Default true
    Examples None available

    standalone.ldap.supportExternalName

    Description This value indicates if external names are supported or not.
    Default false
    Examples None available

    standalone.ldap.translateRDN

    Description This value indicates whether to translate RDN or not.
    Default false
    Examples None available

    standalone.ldap.searchCountLimit

    Description Search count limit.
    Default 500
    Examples None available

    standalone.ldap.searchPageSize

    Description Search page size, which is the number of entries per page.
    Default No default value
    Examples None available

    standalone.ldap.returnToPrimaryServer

    Description This value indicates whether to return to the primary LDAP server when it is available.
    Default true
    Examples None available

    standalone.ldap.primaryServerQueryTimeInterval

    Description This value indicates the polling interval for testing the primary server availability. The value of this parameter is specified in minutes.
    Default No default value
    Examples None available

    standalone.ldap.loginProperties

    Description The property name used for the login.
    Default uid
    Examples None available

    standalone.ldap.cp.maxPoolSize

    Description Maximum number of context instances that can be maintained concurrently by the context pool.
    Default 20
    Examples None available


    8.6. LDAP attribute configuration

    To update or validate the stand-alone LDAP attribute configuration, provide values for the following properties. The following configuration tasks use the LDAP attribute configuration properties: wp-validate-standalone-ldap-attribute-config and wp-update-standalone-ldap-attribute-config

    standalone.ldap.attributes.nonSupported

    Description This value is a comma-separated list of attributes that will be added to or removed from the list of nonsupported attributes.
    Default No default value
    Examples None available

    standalone.ldap.attributes.nonSupported.delete

    Description If true, then the attributes in federated.ldap.nonSupported will be deleted from the list of nonsupported attributes, else they will be added.
    Default No default value
    Examples None available

    standalone.ldap.attributes.mapping.ldapName

    Description Name of the attribute in the LDAP server.
    Default No default value
    Examples None available

    standalone.ldap.attributes.mapping.portalName

    Description Name of the attribute in portal.
    Default No default value
    Examples None available

    standalone.ldap.attributes.mapping.entityTypes

    Description This value is the list of entityTypes the mapping should be applied to.
    Default PersonAccount,Group
    Examples None available


    8.7. Standalone custom user registry configuration

    The following properties require values only if you have a custom user registry (CUR) that you update. The properties are used with the following configuration tasks: wp-modify-cur-security and wp-update-standalone-cur

    standalone.cur.id

    Description This ID specifies a unique identifier for the repository within the cell. Characters that are not allowed in normal XML strings ( & < > " ' ) cannot be used in the repository ID.
    Default testCur
    Examples None available

    standalone.cur.baseDN

    Description CUR base entry.
    Default No default value
    Examples None available

    standalone.cur.realm

    Description Security context of this server.
    Default No default value
    Examples None available

    standalone.cur.delimiter

    Description Delimiter used for this realm.
    Default /
    Examples None available

    standalone.cur.adapterClassName

    Description Implementation class name for the repository adapter.
    Default No default value
    Examples None available

    standalone.cur.WasAdapterClassName

    Description Implementation class name for the WebSphere custom user registry adapter.
    Default No default value
    Examples None available

    standalone.cur.propertyName

    Description This value is a custom property name-value pair. A custom property will only be added if the standalone.cur.propertyName is defined.
    Default No default value
    Examples None available

    standalone.cur.propertyValue

    Description This value is a custom property name-value pair. A custom property will only be added if the standalone.cur.propertyName is defined.
    Default No default value
    Examples None available

    standalone.cur.primaryAdminId

    Description WAS admin user ID. The ID must exist in a custom user repository.
    Default No default value
    Examples None available

    standalone.cur.primaryAdminPassword

    Description Password for the WAS admin user ID. The ID must exist in a custom user repository.
    Default No default value
    Examples None available

    standalone.cur.primaryPortalAdminId

    Description WebSphere Portal admin user ID. The ID must exist in the custom user repository.
    Default No default value
    Examples None available

    standalone.cur.primaryPortalAdminPassword

    Description Password for the WebSphere Portal admin user ID. The ID must exist in the custom user repository.
    Default No default value
    Examples None available

    standalone.cur.primaryPortalAdminGroup

    Description User group with administrative permission in portal. The group must exist in the custom user repository.
    Default No default value
    Examples None available

    standalone.cur.personAccountParent

    Description Default parent to be set for the entity type PersonAccount.
    Default No default value
    Examples None available

    standalone.cur.groupParent

    Description Default parent to be set for the entity type Group.
    Default No default value
    Examples None available

    standalone.cur.personAccountRdnProperties

    Description RDN attribute name for the entity type PersonAccount. To reset all the values of the rdnProperties parameter, specify a blank string ("").
    Default uid
    Examples None available

    standalone.cur.groupRdnProperties

    Description RDN attribute name for the entity type Group. To reset all the values of the rdnProperties parameter, specify a blank string ("").
    Default cn
    Examples None available

    standalone.cur.isExtIdUnique

    Description Specifies if the external ID is unique.
    Default true
    Examples None available

    standalone.cur.supportExternalName

    Description This value indicates if external names are supported or not.
    Default false
    Examples None available

    standalone.cur.supportPaging

    Description This value indicates if paging is supported or not.
    Default false
    Examples None available

    standalone.cur.supportSorting

    Description This value indicates if sorting is supported or not.
    Default false
    Examples None available

    standalone.cur.supportTransactions

    Description This value indicates if transactions are supported or not.
    Default false
    Examples None available


    9. VMM property extension database properties


    The property extension database was previously called the lookaside database. The property extension database stores additional attributes that cannot be stored in the LDAP user registry. Database modification tasks of VMM need a connection to a running server instance. Check to make sure the server is running. The properties are used with the following tasks: wp-configure-la-complete and wp-add-la-property

    la.JdbcProviderName

    Description Name of JDBC provider portal uses to communicate with its databases. To keep federated.db.JdbcProviderName in sync for the same database type, la.JdbcProviderName and federated.db.JdbcProviderName must be different for different database types
    Default vmmdbJDBC
    Examples None available

    la.DbType

    Description Type of database to be used for the VMM property extension database domain.
    Default db2
    Examples None available

    la.DbUrl

    Description Federated domain database URL. For information about supported values, check wkplc_comp.properties.
    Default jdbc:db2:vmmladb
    Examples None available

    la.DbName

    Description Name of the VMM property extension database. Should also appear as the database element in DbUrl. Verify that you point to the same database. For non-Windows platforms when using DB2, this value is the TCPIP Alias for the database. For DB2 and DB2 for z/OS, this value cannot exceed 8 characters and can only contain letters and numbers. Refer to the database documentation for more information. For DB2, this value must be different from the value of dbdomain.XDbName. If you change the name of the WebSphere Portal data source due to a database migration, manually update this property in the portal_server_root/config/wpconfig_dbdomain.properties file to maintain the proper resource reference mapping.
    Default vmmladb
    Examples Community: comm
    Customization: cust
    Feedback: fdbkdb
    JCR: jcrdb
    LikeMinds: lmdb
    Release: release
    VMM: vmmdb

    la.DataSourceName

    Description Name of the datasource to be used for VMM Federated DB domain.
    Default vmmladbDS
    Examples None available

    la.DbUser

    Description Database administrator user ID. This value is specific to DB2.
    Default db2admin
    Examples None available

    la.DbPassword

    Description Database administrator password
    Default ReplaceWithYourDbAdminPwd
    Examples None available


    9.1. Advanced properties

    la.DbSchema

    Description This value is the VMM property extension database domain database schema name. Follow the documentation of the target database management system in order to define a valid schema name as restrictions apply for some database management systems.
    Default federate
    Examples None available

    la.DbNameOnZos

    Description Required for DB2 for z/OS and OS/390 only. If we are running DB2 for z/OS as remote database, this value is the name of the remote VMM property extension database. If portal is running on z/OS and db2 for z/OS is on the same server, this value must be set equal to DbName value.
    Default WPSTST02
    Examples None available

    la.XDbName

    Description Required for Non-Windows platforms when using DB2 locally (on the same server) and DB2 is using the Type 2 JDBC driver. The VMM property extension database alias that needs to be set to use the create-database task.
    Default wps6TCP
    Examples None available

    la.DbNode

    Description Required for Non-Windows platforms when using DB2 only. Node for the VMM property extension domain database and needs to be set to use the create-database task.
    Default wpsNode
    Examples None available

    la.DbStorageGroup

    Description Required for DB2 for z/OS and OS/390 only. Storage group for the VMM property extension database for the Web Content Management JCR.
    Default WPSSG
    Examples None available

    la.DbVolumes

    Description Required for DB2 for z/OS and OS/390 only. Volumes for the VMM lookaside database.
    Default *
    Examples None available

    la.DbVcat

    Description Required for DB2 for z/OS and OS/390 only. This value is the VCAT for the VMM property extension database.
    Default DSN910
    Examples None available

    la.Db4KBufferPoolName

    Description Required for DB2 for z/OS and OS/390 only. This value is the 4K bufferpool name for the VMM property extension database.
    Default BP0
    Examples None available

    la.Db32KBufferPoolName

    Description Required for DB2 for z/OS and OS/390 only. This value is the 32K bufferpool name for the VMM property extension database.
    Default BP32K
    Examples None available


    9.2. Create property extension tables

    la.reportSqlError

    Description Whether to report SQL errors while setting up databases.
    Default true
    Examples None available

    la.entityRetrievalLimit

    Description Specifies the maximum number of entities that the system can retrieve from the database with a single database query.
    Default 50
    Examples None available


    9.3. Add a property

    Properties used by tasks...

    ...require a secure connection to the dmgr. Check...

    ..and verify...

    If we are using a remote telnet or ssh connection, set...

    Example values:

    la.providerURL

    Description Remote endpoint where the portal server or dmgr installation is available. Check the value for localhost:port. The port should point to the bootstrap port of WebSphere_Portal or dmgr. dmgr is used in a cluster environment.
    Default corbaloc:iiop:localhost:10031
    Examples corbaloc:iiop:dmgr.example.com:9809

    la.propertyName

    Description Name of the property that we are adding.
    Default No default value
    Examples email, dept

    la.entityTypes

    Description List of entity types that the new property is applicable to.
    Default No default value
    Examples None available

    la.dataType

    Description Data type for your property extension database.
    Default No default value
    Examples None available

    la.multiValued

    Description Whether the property can contain multiple attributes or not.
    Default No default value
    Examples None available

    repositoryId

    Description Only used for the wp-add-property task. Adding a property to VMM configuration of a repository does not add the property to the LDAP system. List of repositories that the new property will be added to. The list of repositories must be separated by a comma. Leave the value blank to add the property to all repositories.
    Default No default value
    Examples None available


    10. VMM LDAP entity type configuration

    Provide values for the following properties if you create, delete, or add an LDAP entity type configuration. The properties are used with the following configuration tasks: wp-create-ldap-entitytype, wp-delete-ldap-entitytype, and wp-add-ldap-entitytype-rdn.

    et.ldap.id

    Description LDAP server ID.
    Default No default value
    Examples myLDAPServer

    et.entityTypeName

    Description Name of the entity type to create, update, or delete.
    Default No default value
    Examples None available

    et.objectClass

    Description Specifies a semi-colon (;) delimited list of object classes to be added.
    Default No default value
    Examples groupOfUniqueNames

    et.searchFilter

    Description Search filter to use to search the entity type.
    Default No default value
    Examples a filter like departmentNumber=1234 would only allow objects with this department number to be a valid search result

    et.objectClassesForCreate

    Description Specifies a semi-colon (;) delimited list of object classes to use when an entity type is created. If the value of this parameter is the same as the objectClass parameter, you do not need to specify this parameter.
    Default No default value
    Examples groupOfUniqueNames

    et.searchBases

    Description Search base or bases to use while searching the entity type.
    Default No default value
    Examples o=fooo=bar

    et.rdnName

    Description Specifies additional attributes for the wp-add-ldap-entitytype-rdn task. The attribute name used to build the relative distinguished name (RDN) for the entity type.
    Default No default value
    Examples None available

    et.ldap.referral

    Description Specifies additional attributes for the wp-add-ldap-entitytype-rdn task. This value indicates how the LDAP server should handle referrals to other LDAP servers.
    Default ignore
    Examples None available

    et.ldap.host

    Description
    Default No default value
    Examples None available


    11. VMM supported entity types configuration

    The wp-update-entitytype task updates the entity type 'entityTypeName' with the value of defaultParent and adds the RDN attribute to the existing list. The wp-set-entitytype task updates the entity type 'entityTypeName' with the value of defaultParent and adds the RDN attribute as the only entry in the RDN list.

    entityTypeName

    Description Name of the entity type.
    Default No default value
    Examples None available

    defaultParent

    Description Specifies the base entry name that will be used as default parent for the given entity type.
    Default No default value
    Examples None available

    rdnProperties

    Description Specifies the RDN attribute name for the supported entity type in the entity domain name. To reset all the values of the rdnProperties parameter, specify a blank string ("").
    Default cn
    Examples None available

    updatePumaSearchBase

    Description Whether the default search attribute for users and groups in PUMA Store Service should also be updated.
    Default false
    Examples None available


    11.1. Update the defaultParent of the entity types Group and PersonAccount

    The wp-update-entitytypes task updates the defaultParent of the entity types Group and PersonAccount and adds the RDN attributes to the existing list. The wp-set-entitytypes task updates the defaultParent of the entity types Group and PersonAccount and adds the RDN attributes as the only entries in the RDN list.

    personAccountParent

    Description Default parent of the entity type PersonAccount.
    Default No default value
    Examples None available

    groupParent

    Description Default parents of the entity type Group.
    Default No default value
    Examples None available

    personAccountRdnProperties

    Description Specifies the RDN attribute name for the entity type PersonAccount. To reset all the values of the rdnProperties parameter, specify a blank string ("").
    Default uid
    Examples None available

    groupRdnProperties

    Description Specifies the RDN attribute name for the entity type Group. To reset all the values of the rdnProperties parameter, specify a blank string ("").
    Default cn
    Examples None available


    11.2. Group member attribute configuration

    If the group member attribute does not exist, it will be created. The following properties are used with the wp-update-ldap-groupmember and wp-delete-ldap-groupmember tasks.

    gm.ldap.id

    Description LDAP server ID.
    Default No default value
    Examples None available

    gm.groupMemberName

    Description LDAP attribute used as the group member attribute.
    Default No default value
    Examples uniqueMember
    Member

    gm.objectClass

    Description Group object class containing the member attribute. If not defined, the member attribute applies to all group object classes.
    Default No default value
    Examples groupOfNames
    groupOfUniqueNames

    gm.scope

    Description Scope of the member attribute.
    Default No default value
    Examples None available

    gm.dummyMember

    Description If you create a group without specifying a member, a dummy member will be filled in to avoid an exception about a missing mandatory attribute. For Novell eDirectory servers, Oracle Directory Server and Windows Active Directory, the value has to be empty or point to an existing entry in the LDAP directory.
    Default No default value
    Examples None available


    11.3. Create group member configuration

    The following properties are used with the wp-create-ldap-groupconfig task.

    gc.ldap.id

    Description LDAP server ID.
    Default Stand-alone
    Examples None available

    gc.name

    Description Name of the membership attribute.
    Default ibm-allGroups
    Examples:

    • IBM Tivoli Directory Server: ibm-allGroups
    • IBM Lotus Domino: no example available
    • IBM SecureWay Security Server: no example available
    • Novell eDirectory: no example available
    • Oracle Directory Server: no example available
    • Windows Active Directory: memberOf

    gc.updateGroupMembership

    Description This value updates the group membership if the member is deleted or renamed. Some LDAP servers, such as Domino server, do not clean up the membership of the user when a user is deleted or renamed. If you choose these LDAP server types in the ldapServerType property, the value of this parameter is set to true. Use this parameter to change the value.
    Default false
    Examples None available

    gc.scope

    Description Scope of the member attribute.
    Default nested
    Examples None available


    11.4. Context pool

    The following properties are used with the wp-update-ldap-contextpool task.

    cp.ldap.id

    Description LDAP server used for the context pool.
    Default No default value
    Examples None available

    cp.maxPoolSize

    Description Specifies the maximum number of context instances that can be maintained concurrently by the context pool.
    Default No default value
    Examples None available


    11.5. Realm configuration

    The following properties are used in multiple realm configuration tasks. If no realm name is specified, the default realm will be updated.

    1. The wp-create-realm task uses the following properties: realmName, addBaseEntry, securityUse, and delimiter

    2. The wp-update-realm task uses the following properties: realmName, securityUse, and delimiter

    3. The wp-delete-realm task uses the following property: deleteRealmName

    4. The wp-default-realm task uses the following property: defaultRealmName

    5. The wp-add-realm-baseentry task uses the following properties: realmName and addBaseEntry

    6. The wp-delete-realm-baseentry task uses the following properties: realmName and deleteBaseEntry

    7. The wp-query-realm-baseentry task uses the following property: realmName

    8. The wp-modify-realm-defaultparents task uses the following properties: realmName, realm.personAccountParent, realm.groupParent, and realm.orgContainerParent

    9. The wp-modify-realm-enable-dn-login task uses the following property: realmName

    10. The wp-modify-realm-disable-dn-login task uses the following property: realmName

    realmName

    Description Name of the realm to be created or updated. If no realm name is given, the default realm will be updated.
    Default No default value
    Examples None available

    addBaseEntry

    Description Name of base entry to be added to the realm.
    Default No default value
    Examples None available

    securityUse

    Description Set whether this virtual realm will be used in security now, later, or never.
    Default active
    Examples None available

    delimiter

    Description Delimiter used for this realm.
    Default /
    Examples None available

    defaultRealmName

    Description Name of the new default realm.
    Default No default value
    Examples None available

    deleteBaseEntry

    Description Name of the base entry to be deleted from the realm.
    Default No default value
    Examples None available

    realm.personAccountParent

    Description Default parents to be set for the entity type PersonAccount. The realm entered in realmName will be used to perform the change.
    Default No default value
    Examples None available

    realm.groupParent

    Description Default parents to be set for the entity type Group. The realm entered in realmName will be used to perform the change.
    Default No default value
    Examples None available

    realm.orgContainerParent

    Description Default parents to be set for the entity type OrgContainer. The realm entered in realmName will be used to perform the change.
    Default No default value
    Examples None available


    11.6. Base entry configuration

    The following properties are used by the wp-create-base-entry, wp-update-base-entry, and wp-delete-base-entry tasks. When running the wp-update-base-entry task, if the base entry does not exist, the task will create the entry.

    id

    Description Specifies the ID of the repository, where the base entry will be created, updated, or deleted. When a base entry is created, it will automatically be added to the default realm.
    Default No default value
    Examples None available

    baseDN

    Description Name of the base entry to be created, updated, or deleted.
    Default No default value
    Examples None available

    nameInRepository

    Description Distinguished name in the repository that uniquely identifies the base entry name. In most cases this should be the same as baseDN.
    Default No default value
    Examples ou=admins,dc=myco,dc=com


    11.7. Change administrative users

    The following properties are used by the wp-change-was-admin-user and wp-change-portal-admin-user tasks. The wp-change-portal-admin-user task will also change the admin group if the ID is set.

    newAdminId

    Description New ID of the administrative user. The "short name" for this new ID should not be identical to the original admin user ID. The user ID cannot contain a space, for example, user ID. On Windows, if the user ID contains a space, place quotes around the fully qualified user ID before running the task. On UNIX, if the fully qualified user ID contains a space, place the fully qualified user ID in the properties file or in a parent properties file instead of entering it as a flag on the command line.

    For example, create a parent properties file called mysecurity.properties, enter the fully qualified user ID and then run the task:

      ./ConfigEngine.sh task_name -DparentProperties=/opt/mysecurity.properties

    Default No default value
    Examples:

    • Development configuration without security: PortalAdminId=wpsadmin
    • IBM Tivoli Directory Server: { uid=,cn=users,dc=myco,dc=com }
    • IBM Lotus Domino: { cn=,o=myco.com }
    • Novell eDirectory: { uid=,ou=people,o=myco.com }
    • Oracle Directory Server: { uid=,ou=people,o=myco.com }
    • Windows Active Directory: { cn=,cn=users,dc=myco,dc=com }
    • Windows Active Directory-Lightweight-Directory-Services: { cn=,cn=users,dc=myco,dc=com }
    • Windows when the fully qualified user ID contains a space: "cn=wpsadmin,cn=users,l=SharedLDAP,c=US,ou=Lotus,o=Software Group,dc=ibm,dc=com"

    newAdminPw

    Description New password of the administrative user.
    Default No default value
    Examples None available

    newAdminGroupId

    Description New ID of the portal administrative group.
    Default No default value
    Examples None available


    11.8. Change attribute configuration

    The wp-update-attribute-config task sets the overall required and unsupported properties.

    user.attributes.required

    Description New (comma separated) list of attributes required for user creation.
    Default sn
    Examples None available

    user.attributes.nonsupported

    Description New (comma separated) list of attributes that will be ignored by portal.
    Default certificate,identifier
    Examples None available


    11.9. Restore VMM security

    The following properties are used with the wp-restore-default-repository-configuration task.

    restore.file.realm

    Description Specifies the realm name to be used. A realm with this name will be created.
    Default federatedRealm
    Examples None available

    restore.file.delimiter

    Description Delimiter used for this realm.
    Default /
    Examples None available

    restore.file.primaryAdminId

    Description Specifies the ID (shortname) of the WAS administrative user. The ID must exist in a user repository.
    Default adminUID
    Examples None available

    restore.file.primaryAdminPassword

    Description Password (shortname) of the WAS administrative user.
    Default adminPWD
    Examples None available

    restore.file.primaryPortalAdminGroup

    Description User group (short name) with administrative permission in portal. The group must exist in the LDAP server.
    Default adminGroupCN
    Examples None available


    11.10. Community Isolation and external users

    The following properties are used with the wp-configure-community-isolation and wp-configure-external-users tasks.

    communityIsolation.enabled

    Description Whether or not the boolean flag should enable community isolation (peer groups).
    Default false
    Examples None available

    externalUsers.enabled

    Description Whether or not the boolean flag should enable or disable external users.
    Default false
    Examples None available

    externalUsers.parentDN

    Description Parent DN for new external users.
    Default No default value
    Examples ou=externalUsers,o=defaultWIMFileBasedRealm


    12. Additional properties for internal use only

    AdditionalPropertiesToFilter

    Description Do not change the value of this attribute unless specifically directed to do so by IBM Support.
    Default newAdminPw
    Examples None available

    wps.userdir

    Description Do not change the value of this attribute unless specifically directed to do so by IBM Support.
    Default PortalServer
    Examples None available

