FileNet P8 Workplace XT, Version 1.1.5
Application server: WebSphere Application Server

Configuring stand-alone Lightweight Directory Access Protocol (LDAP)

In order to enable communication between WebSphere® and Content Engine, you must configure LDAP settings on the WebSphere Application Server.

To configure stand-alone LDAP:
  1. Open the WebSphere administrative console.
  2. Navigate to the security settings page.
    • WebSphere Application Server 6.1: Navigate to Security > Secure administration, applications, and infrastructure.
    • WebSphere Application Server 7.0: Navigate to Security > Global security.
  3. Disable security using the following Security settings:
    • Turn off (clear) the Enable Administrative Security flag.
    • Turn off (clear) the Enable application security flag.
    • Turn off (clear) the Use Java 2 security to restrict application access to local resources security flag.
  4. From the bottom of the panel, in the dropdown list called Available realm definitions, select Standalone LDAP registry and click Configure.
  5. Configure the LDAP provider to exactly match the corresponding settings on the Content Engine application server.
    Tip: Open the WebSphere administrative console for Content Engine to the same panels to see and copy all settings.
    • Primary administrative user name
    • Automatically generated server identity
    • Type
    • Host
    • Port
    • Base distinguished name (DN)
    • Bind distinguished name (DN)
    • Bind password
  6. Configure the LDAP user registry settings to exactly match the corresponding settings on the Content Engine application server.
    Tip: Open the WebSphere administrative console for Content Engine to the same panel to see and copy all settings.
    • User filter
    • Group filter
    • User ID map
    • Group member ID map
    • Certificate map mode
    • Certificate filter
  7. Save these settings.
  8. Next to Available realm definitions, ensure that Standalone LDAP registry is still selected, and click Set as current.
  9. Re-enable the following Security settings:
    • Turn on (select) the Enable Administrative Security flag.
    • Turn on (select) the Enable application security flag.
    • Turn off (clear) the Use Java 2 security to restrict application access to local resources flag.

    The IBM® FileNet® P8 Platform uses LDAP-based security, and does not support Java™ 2 security. Enabling Java 2 security will cause unexpected behavior.

  10. Save your changes to the master configuration.
  11. Test the connection on the Standalone LDAP registry page. If the test fails, correct the error before proceeding. If it passes, click OK to return to the previous page.

    If you see a message about the ID not existing in the user repository, you can ignore it.

  12. Stop and restart the application server.
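
The following Python check is an added example, not part of the IBM documentation. It verifies that the values copied in steps 5 and 6 match the Content Engine server exactly and that the flags from step 9 ended in the required state. It assumes the settings were transcribed by hand from each administrative console into dictionaries keyed by the panel labels; every sample value is constructed.

```python
# Fields from steps 5 and 6 that must be identical on both servers.
MATCH_FIELDS = [
    "Primary administrative user name", "Automatically generated server identity",
    "Type", "Host", "Port", "Base distinguished name (DN)",
    "Bind distinguished name (DN)", "Bind password", "User filter", "Group filter",
    "User ID map", "Group member ID map", "Certificate map mode", "Certificate filter",
]
SECRET_FIELDS = {"Bind password"}  # values of these fields are never echoed
REQUIRED_FLAGS = {  # final state required by step 9
    "Enable Administrative Security": True,
    "Enable application security": True,
    "Use Java 2 security to restrict application access to local resources": False,
}

def compare_registry(xt, ce):
    """Return (field, problem) pairs for settings that do not match exactly."""
    findings = []
    for field in MATCH_FIELDS:
        if field not in xt or field not in ce:
            findings.append((field, "missing on one side"))
            continue
        a, b = str(xt[field]), str(ce[field])
        if a == b:
            continue
        if field in SECRET_FIELDS:
            findings.append((field, "differs (values withheld)"))
        elif a.strip().lower() == b.strip().lower():
            findings.append((field, "differs only in case or whitespace: %r vs %r" % (a, b)))
        else:
            findings.append((field, "differs: %r vs %r" % (a, b)))
    return findings

def check_flags(flags):
    """Return the step 9 flags that are not in the required state."""
    return [name for name, want in REQUIRED_FLAGS.items() if flags.get(name) is not want]

# Constructed sample values (assumptions), not taken from a real deployment.
CE = dict.fromkeys(MATCH_FIELDS, "")
CE.update({"Type": "IBM Tivoli Directory Server", "Host": "ldap.example.com", "Port": "389",
           "Base distinguished name (DN)": "dc=example,dc=com",
           "Bind distinguished name (DN)": "cn=ceadmin,dc=example,dc=com",
           "Bind password": "constructed-secret"})
XT = {**CE, "Port": "636", "Base distinguished name (DN)": "DC=example,DC=com ",
      "Bind password": "other-secret"}
XT_FLAGS = {"Enable Administrative Security": True, "Enable application security": False,
            "Use Java 2 security to restrict application access to local resources": False}

if __name__ == "__main__":
    for item in compare_registry(XT, CE) + [(f, "wrong state") for f in check_flags(XT_FLAGS)]:
        print("%s: %s" % item)
```

An empty result from both functions means the transcribed settings agree and administrative and application security were turned back on after the temporary disable in step 3.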



Last updated: March 2013

© Copyright IBM Corporation 2013.