To enable LDAP communication between Application Engine and Content Engine, you must configure settings on the WebSphere® Application Server. It is recommended that the LDAP configuration settings match those set on the application server where Content Engine is installed.
Important: If you are using WebSphere Application Server Network Deployment and Application Engine is to be deployed where Content Engine is deployed, you do not need to complete this task.
To configure stand-alone Lightweight Directory Access Protocol (LDAP):
- Open the WebSphere administrative console.
- Navigate to the security settings page.
| Option | Description |
| --- | --- |
| WebSphere Application Server 6.1 | Navigate to . |
| WebSphere Application Server 7.0 | Navigate to . |
- Disable security by using the following Security settings:
  - Disable (clear) the Enable Administrative Security flag.
  - Disable (clear) the Enable application security flag.
  - Disable (clear) the Java 2 security flag.
- From the bottom of the panel, in the dropdown list called Available realm definitions, select Standalone LDAP registry and click Configure.
- Configure the LDAP provider to exactly match the corresponding settings on the Content Engine application server.
  Tip: Open the WebSphere administrative console for Content Engine to the same panels to see and copy all settings.
  - Primary administrative user name
  - Select Automatically generated server identity.
  - Type
  - Host
  - Port
  - Base distinguished name (DN)
  - Bind distinguished name (DN)
  - Bind password
- Configure the LDAP user registry settings to exactly match the corresponding settings on the Content Engine application server.
  Tip: Open the WebSphere administrative console for Content Engine to the same panel to see and copy all settings.
  - User filter
  - Group filter
  - User ID map
  - Group member ID map
  - Certificate map mode
  - Certificate filter
- Save these settings.
- Next to Available realm definitions, ensure that Standalone LDAP registry is still selected, and click Set as current.
- Set the following Security flags:
  - Enable (select) the Enable Administrative Security flag.
  - Enable (select) the Enable application security flag.
  - Disable (clear) the Java 2 security flag.
    The IBM® FileNet® P8 Platform utilizes LDAP-based security, and does not support Java™ 2 security. Enabling Java 2 security will cause unexpected behavior.
- Save your changes to the master configuration.
- Restart the WebSphere instance.
- Test the connection on the Standalone LDAP registry page. If the test fails, correct the error before proceeding. If it passes, click OK to return to the previous page.
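
A pre-flight check for the "exactly match" steps and the final security flags above, added here as an example and not part of the IBM documentation. It assumes the values shown in the two administrative consoles have been transcribed into dictionaries keyed by the field labels on this page; the sample values and the names `compare_ldap_settings` and `check_flags` are constructed for illustration.

```python
# Fields the procedure says must exactly match the Content Engine (CE) server.
MATCH_FIELDS = ["Primary administrative user name", "Type", "Host", "Port",
                "Base distinguished name (DN)", "Bind distinguished name (DN)",
                "Bind password", "User filter", "Group filter", "User ID map",
                "Group member ID map", "Certificate map mode", "Certificate filter"]
SECRET_FIELDS = {"Bind password"}  # compared, but never echoed in findings
# Final flag states the procedure requires on Application Engine (AE).
REQUIRED_FLAGS = {"Enable Administrative Security": True,
                  "Enable application security": True, "Java 2 security": False}

def compare_ldap_settings(ce, ae):
    """Return (field, problem) pairs; an empty list means AE matches CE."""
    findings = []
    for field in MATCH_FIELDS:
        if field not in ce or field not in ae:
            findings.append((field, "not recorded for both servers"))
            continue
        a, b = str(ce[field]), str(ae[field])
        if a == b:
            continue
        if field in SECRET_FIELDS:
            findings.append((field, "differs (values withheld)"))
        elif "".join(a.split()).lower() == "".join(b.split()).lower():
            findings.append((field, "differs only in case or whitespace"))
        else:
            findings.append((field, "CE=%r AE=%r" % (a, b)))
    return findings

def check_flags(ae_flags):
    """Return the flags whose state differs from what the procedure requires."""
    return [(n, "must be " + ("enabled" if want else "cleared"))
            for n, want in REQUIRED_FLAGS.items() if ae_flags.get(n) is not want]

# Constructed sample values (hypothetical host, DNs, filters and passwords).
CE = {"Primary administrative user name": "ceadmin",
      "Type": "IBM Tivoli Directory Server", "Host": "ldap.example.com", "Port": 389,
      "Base distinguished name (DN)": "dc=example,dc=com",
      "Bind distinguished name (DN)": "cn=bind,dc=example,dc=com",
      "Bind password": "constructed-secret-1", "User filter": "(&(cn=%v)(objectclass=person))",
      "Group filter": "(&(cn=%v)(objectclass=groupOfNames))", "User ID map": "*:cn",
      "Group member ID map": "*:member", "Certificate map mode": "EXACT_DN", "Certificate filter": ""}
AE = {**CE, "Port": 636, "Base distinguished name (DN)": "DC=example, DC=com",
      "Bind password": "constructed-secret-2"}
AE_FLAGS = {**REQUIRED_FLAGS, "Java 2 security": True}

if __name__ == "__main__":
    for item in compare_ldap_settings(CE, AE) + check_flags(AE_FLAGS):
        print("%-34s %s" % item)
```

Fields reported as differing only in case or whitespace are still mismatches under the "exactly match" requirement; the separate label only helps locate copy errors.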