You can set up the Lightweight Directory Access Protocol
(LDAP) on WebSphere® Application Server.
Procedure
- From the WebSphere Integrated Solutions Console,
click .
- Apply the following security settings:
  - Enable administrative security: on
  - Enable application security: on
  - User account repository/Available realm definitions: standalone LDAP registry
- In the User account repository section, click Configure,
and enter information about the general properties:
  - Primary administrative user name: Your user ID
  - Server user identity: Automatically generated server identity
  - Host: Name of the LDAP server
  - Port: Port of the LDAP server. Default is 389.
  - Type of LDAP server: Custom
  - Search timeout: 120 seconds
  - Base distinguished name (DN): The base distinguished name of the directory service
- Click Apply and save the changes.
- In the Configuration section, click Test connection.
- In the Additional Properties section, click Advanced
Lightweight Directory Access Protocol (LDAP) user registry settings.
- Specify the information in the general properties fields
as follows:
  Remember: Replace the objectclass values
  and use the values that your LDAP administrator provided for configuring WebSphere Application Server.
  - User filter: (&(uid=%v)(objectclass=inetOrgPerson))
  - Group filter: (&(cn=%v)(|(objectclass=groupOfNames)(objectclass=posixGroup)))
  - User ID map: *:uid
  - Group ID map: *:cn
  - Group member ID map: (replace ibm with your ID) ibm-allGroups:member;ibm-allGroups:uniqueMember
- Click Apply and save the changes.
- Confirm each setting by clicking Apply and Save on
each screen.
- Click OK to go back to the Global
Security page.
- Set Standalone LDAP registry as
the current realm definition by clicking Set as Current.
- Stop and restart WebSphere Application Server.
- After WebSphere Application Server restarts,
validate the changes by logging on to the Integrated Solutions Console.
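A mistyped parenthesis or a leftover objectclass value in the User filter or Group filter usually shows up only as a failed logon after the restart. The following added example (not IBM code) checks a filter template before you paste it into the console and previews the filter for one login name, on the assumption that %v is replaced by the name entered at login. The function names are hypothetical, and the parser handles only attr=value items combined with &, | and !.

```python
import re

# Filter templates exactly as they appear in the procedure above.
USER_FILTER = "(&(uid=%v)(objectclass=inetOrgPerson))"
GROUP_FILTER = "(&(cn=%v)(|(objectclass=groupOfNames)(objectclass=posixGroup)))"
ITEM = re.compile(r"([A-Za-z][A-Za-z0-9.;-]*)=([^()]*)$")  # attr=value items only

def escape_value(value):
    """Escape the RFC 4515 special characters in a filter value."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def parse_filter(text, pos=0):
    """Parse one parenthesised filter at pos; return (node, next_pos)."""
    if text[pos:pos + 1] != "(":
        raise ValueError("expected '(' at offset %d" % pos)
    pos += 1
    if text[pos:pos + 1] in ("&", "|", "!"):
        op, pos, children = text[pos], pos + 1, []
        while text[pos:pos + 1] == "(":
            child, pos = parse_filter(text, pos)
            children.append(child)
        if not children or (op == "!" and len(children) != 1):
            raise ValueError("operator %s has the wrong number of operands" % op)
        node = (op, children)
    else:
        end = text.find(")", pos)
        match = ITEM.match(text[pos:end]) if end != -1 else None
        if not match:
            raise ValueError("malformed item at offset %d" % pos)
        node, pos = ("=", match.group(1), match.group(2)), end
    if text[pos:pos + 1] != ")":
        raise ValueError("missing ')' at offset %d" % pos)
    return node, pos + 1

def objectclasses(node):
    """Collect the objectclass values referenced anywhere in a parsed filter."""
    if node[0] == "=":
        return [node[2]] if node[1].lower() == "objectclass" else []
    return [oc for child in node[1] for oc in objectclasses(child)]

def check_template(template):
    """Validate a filter template; return the objectclass values it requires."""
    node, end = parse_filter(template)
    if end != len(template) or "%v" not in template:
        raise ValueError("trailing text after filter, or no %v placeholder")
    return sorted(objectclasses(node))

def expand(template, login):
    """Preview the search filter for one login name, with the name escaped."""
    return template.replace("%v", escape_value(login))
```

The string returned by `expand` can be run in any LDAP search tool against the base DN to confirm that it matches exactly one entry for a known user.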