If you have a multiple domain environment, configure LDAP settings for federated repositories on the WebSphere® Application Server to enable LDAP communication between Application Engine and Content Engine.
Important: If you are using federated repositories, your WebSphere administrative console user cannot have the same username or ID as a user in the LDAP repository.
To configure Lightweight Directory Access Protocol (LDAP) for federated repositories:
- Open the WebSphere administrative console.
- Navigate to the security settings page.
Option | Description
WebSphere Application Server 6.1 | Navigate to .
WebSphere Application Server 7.0 | Navigate to .
- Disable the following Security settings:
  - Clear the Enable Administrative Security flag.
  - Clear the Enable application security flag.
  - Clear the Java 2 security flag.
- From the bottom of the panel, in the dropdown list called Available realm definitions, select Federated Repositories and click Configure.
- Configure the LDAP provider to exactly match the corresponding General Properties on the Content Engine application server.
  Tip: Open the WebSphere administrative console for Content Engine to the same panels to see and copy all settings.
  - Realm name
  - Primary administrative user name
  - Select Automatically generated server identity.
  - Ignore case for authorization
  - Repositories in the realm
- Save these settings.
- Next to Available realm definitions, ensure that Federated repositories is still selected, and click Set as current.
- Re-enable the following Security settings:
  - Select the Enable Administrative Security flag.
  - Select the Enable application security flag.
  - Clear the Java 2 security flag.
    The IBM® FileNet® P8 Platform utilizes LDAP-based security, and does not support Java 2 security. Enabling Java 2 security will cause unexpected behavior.
- Save your changes to the master configuration.
- Restart the WebSphere instance.
- Test the connection to the repository.
  - In the WebSphere administrative console, navigate to .
  - Click Search By User ID, and enter a known user.
  - Click Search. This should return the user from the configured LDAP repository.
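
As an added example (not IBM's code and not part of the original procedure), the Python script below audits the end state of the steps above on one server and lists settings that differ between Application Engine and Content Engine. It assumes the settings are stored in each cell's security.xml under the attribute names shown; the XML is constructed sample data, and "Repositories in the realm" is not covered.

```python
import xml.etree.ElementTree as ET

XMI = "{http://www.omg.org/XMI}"  # namespace of xmi:id / xmi:type
MATCH_KEYS = ("realm", "primaryAdminId", "ignoreCase")  # assumed attribute names

def sample(java2, realm, ignore_case):
    """Constructed security.xml fragment, not taken from a real cell."""
    return f"""<security:Security xmlns:xmi="http://www.omg.org/XMI"
      xmlns:security="http://www.ibm.com/websphere/appserver/schemas/5.0/security.xmi"
      enabled="true" appEnabled="true" enforceJava2Security="{java2}"
      activeUserRegistry="WIMUserRegistry_1">
      <userRegistries xmi:type="security:WIMUserRegistry" xmi:id="WIMUserRegistry_1"
        realm="{realm}" primaryAdminId="p8admin" ignoreCase="{ignore_case}"/>
      <userRegistries xmi:type="security:LDAPUserRegistry" xmi:id="LDAPUserRegistry_1"
        realm="unused"/>
    </security:Security>"""

def active_registry(root):
    """Return the registry element named by activeUserRegistry, or None."""
    wanted = root.get("activeUserRegistry")
    for reg in root.findall("userRegistries"):
        if reg.get(XMI + "id") == wanted:
            return reg
    return None

def audit(xml_text):
    """Check the end state the procedure asks for on one server."""
    root = ET.fromstring(xml_text)
    reg = active_registry(root)
    findings = []
    if root.get("enabled") != "true":
        findings.append("administrative security is not enabled")
    if root.get("appEnabled") != "true":
        findings.append("application security is not enabled")
    if root.get("enforceJava2Security") == "true":
        findings.append("Java 2 security is enabled")
    if reg is None or not reg.get(XMI + "type", "").endswith("WIMUserRegistry"):
        findings.append("federated repositories is not the current realm definition")
    return findings

def mismatches(ae_xml, ce_xml):
    """Active-registry attributes that differ between AE and CE (exact match)."""
    ae = active_registry(ET.fromstring(ae_xml))
    ce = active_registry(ET.fromstring(ce_xml))
    ae_attrs = ae.attrib if ae is not None else {}
    ce_attrs = ce.attrib if ce is not None else {}
    return {k: (ae_attrs.get(k), ce_attrs.get(k))
            for k in MATCH_KEYS if ae_attrs.get(k) != ce_attrs.get(k)}

AE = sample("true", "p8realm", "true")   # Java 2 security left on, realm case differs
CE = sample("false", "P8Realm", "true")
if __name__ == "__main__":
    print(audit(AE), audit(CE), mismatches(AE, CE))
```

The comparison is case-sensitive on purpose, because the procedure asks for the settings to match exactly.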