Enabling LDAP on WebSphere Application Server

You can set up the Lightweight Directory Access Protocol (LDAP) on WebSphere® Application Server.

Procedure

  1. From the WebSphere Integrated Solutions Console, click Security > Global security.
  2. Apply the following security settings:
    • Enable administrative security: on
    • Enable application security: on
    • User account repository/Available realm definitions: standalone LDAP registry
    • In the User account repository section, click Configure, and enter information about the general properties:
      • Primary administrative user name: Your user ID
      • Server user identity: Automatically generated server identity
      • Host: Name of the LDAP server
      • Port: Port of the LDAP server. Default is 389.
      • Type of LDAP server: Custom
      • Search timeout: 120 seconds
      • Base distinguished name (DN): The base distinguished name of the directory service
  3. Click Apply and save the changes.
  4. In the Configuration section, click Test connection.
  5. In the Additional Properties section, click Advanced Lightweight Directory Access Protocol (LDAP) user registry settings.
  6. Specify the information in the general properties fields as follows:
    Remember: Replace the objectclass values and use the values that your LDAP administrator provided for configuring WebSphere Application Server.
    • User filter:
      (&(uid=%v)(objectclass=inetOrgPerson))
    • Group filter:
      (&(cn=%v)(|(objectclass=groupOfNames)(objectclass=posixGroup)))
    • User ID map:
      *:uid
    • Group ID map:
      *:cn
    • Group member ID map: (replace ibm with your ID)
      ibm-allGroups:member;ibm-allGroups:uniqueMember
  7. Click Apply and save the changes.
  8. Confirm each setting by clicking Apply and Save on each screen.
  9. Click OK to go back to the Global Security page.
  10. Set Standalone LDAP registry as the current realm definition by clicking Set as Current.
  11. Stop and restart WebSphere Application Server.
  12. After WebSphere Application Server restarts, validate the changes by logging on to the Integrated Solutions Console.
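
The user and group filters from step 6 can be checked offline before the restart in step 11. The following is an added example, not IBM code: a small Python evaluator for the filter subset used on this page, run against a constructed directory. The entries in `DIRECTORY` and all function names are assumptions made for illustration.

```python
import re

# Filters from step 6; %v is replaced by the user or group name being looked up.
USER_FILTER = "(&(uid=%v)(objectclass=inetOrgPerson))"
GROUP_FILTER = "(&(cn=%v)(|(objectclass=groupOfNames)(objectclass=posixGroup)))"

# Constructed sample entries (assumed, not from a real directory).
DIRECTORY = {
    "uid=wasadmin,ou=people,dc=example,dc=com":
        {"objectclass": ["top", "inetOrgPerson"], "uid": ["wasadmin"]},
    "uid=svc,ou=people,dc=example,dc=com":
        {"objectclass": ["top", "account"], "uid": ["svc"]},
    "cn=admins,ou=groups,dc=example,dc=com":
        {"objectclass": ["top", "groupOfNames"], "cn": ["admins"]},
    "cn=ops,ou=groups,dc=example,dc=com":
        {"objectclass": ["top", "posixGroup"], "cn": ["ops"]},
}

def expand(template, name):
    """Substitute %v, escaping RFC 4515 special characters in the name."""
    safe = "".join("\\%02x" % ord(c) if c in "\\*()\0" else c for c in name)
    return template.replace("%v", safe)

def parse(text, pos=0):
    """Parse the subset used above: (&...), (|...) and (attr=value)."""
    if text[pos] != "(":
        raise ValueError("expected '(' at offset %d" % pos)
    pos += 1
    if text[pos] in "&|":
        op, pos, parts = text[pos], pos + 1, []
        while text[pos] == "(":
            node, pos = parse(text, pos)
            parts.append(node)
        return (op, parts), pos + 1  # step over the closing ')'
    end = text.index(")", pos)
    attr, value = text[pos:end].split("=", 1)
    value = re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), value)
    return ("=", attr.lower(), value.lower()), end + 1

def matches(node, entry):
    """Evaluate a parsed filter against one entry (case-insensitive equality)."""
    if node[0] == "&":
        return all(matches(n, entry) for n in node[1])
    if node[0] == "|":
        return any(matches(n, entry) for n in node[1])
    return node[2] in [v.lower() for v in entry.get(node[1], [])]

def search(template, name, directory=DIRECTORY):
    """Return the DNs that the expanded filter selects."""
    tree, _ = parse(expand(template, name))
    return [dn for dn, entry in directory.items() if matches(tree, entry)]
```

In the constructed data, `search(USER_FILTER, "svc")` returns nothing because that entry is not an `inetOrgPerson`, which is the situation the reminder in step 6 about replacing the objectclass values guards against.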
