FileNet P8 Application Engine, Version 5.2.1
Application server: WebSphere Application Server

Configuring Lightweight Directory Access Protocol (LDAP) for federated repositories

If you have a multiple domain environment, configure LDAP settings for federated repositories on the WebSphere® Application Server to enable LDAP communication between Application Engine and Content Engine. It is recommended that the LDAP configuration settings match those set on the application server where Content Engine is installed.

About this task

Important: If you are using federated repositories, your WebSphere administrative console user cannot have the same username or ID as a user in the LDAP repository.
Important: If you are using WebSphere Application Server Network Deployment and Application Engine is to be deployed where Content Engine is deployed, you do not need to complete this task.

To configure Lightweight Directory Access Protocol (LDAP) for federated repositories:

Procedure

  1. Open the WebSphere administrative console.
  2. Navigate to the security settings page at Security > Global security.
  3. Set the following Security flags:
    • Disable (clear) the Enable Administrative Security flag.
    • Disable (clear) the Enable application security flag.
    • Disable (clear) the Java 2 security flag.
  4. From the bottom of the panel, in the dropdown list called Available realm definitions, select Federated Repositories and click Configure.
  5. Configure the LDAP provider to exactly match the corresponding General Properties on the Content Engine application server.
    Tip: Open the WebSphere administrative console for Content Engine to the same panels to see and copy all settings.
    • Realm name
    • Primary administrative user name
    • Select Automatically generated server identity.
    • Ignore case for authorization
    • Repositories in the realm
  6. Save these settings.
  7. Next to Available realm definitions, ensure that Federated repositories is still selected, and click Set as current.
  8. Set the following Security flags:
    • Enable (select) the Enable Administrative Security flag.
    • Enable (select) the Enable application security flag.
    • Disable (clear) the Java 2 security flag.

    The IBM® FileNet® P8 Platform utilizes LDAP-based security, and does not support Java™ 2 security. Enabling Java 2 security causes unexpected behavior.

  9. Save your changes to the master configuration.
  10. Restart the WebSphere instance.
  11. Test the connection to the repository.
    1. In the WebSphere administrative console, navigate to Users and Groups > Manage Users.
    2. Click Search By User ID, and enter a known user.
    3. Click Search. This should return the user from the configured LDAP repository.
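
The end state of steps 5 and 8 can also be checked from the saved configuration. The following is an added example, not part of the IBM documentation: it parses two copies of the cell's security.xml (Application Engine and Content Engine), reports security flags that differ from step 8, and lists realm properties that do not match. The embedded XML is constructed sample data, and the attribute names (enabled, appEnabled, enforceJava2Security, activeUserRegistry, realm, primaryAdminId, useRegistryServerId, ignoreCase) are assumptions about the security.xml layout to confirm against your own file.

```python
import xml.etree.ElementTree as ET

XMI = "{http://www.omg.org/XMI}"

# Constructed sample data, trimmed to the attributes checked below (assumed names).
AE_XML = """<security:Security xmlns:xmi="http://www.omg.org/XMI"
    xmlns:security="http://www.ibm.com/websphere/appserver/schemas/5.0/security.xmi"
    enabled="true" appEnabled="true" enforceJava2Security="false"
    activeUserRegistry="WIMUserRegistry_1">
  <userRegistries xmi:type="security:WIMUserRegistry" xmi:id="WIMUserRegistry_1"
      realm="p8realm" ignoreCase="true" primaryAdminId="p8admin"
      useRegistryServerId="false"/>
</security:Security>"""
CE_XML = AE_XML.replace('realm="p8realm"', 'realm="ceRealm"')  # constructed mismatch

def load(xml_text):
    """Return the root element and the currently active user registry element."""
    root = ET.fromstring(xml_text)
    active = root.get("activeUserRegistry")
    reg = next((r for r in root.iter("userRegistries")
                if r.get(XMI + "id") == active), None)
    return root, reg

def check_flags(root, reg):
    """Findings where the security flags differ from the end state of step 8."""
    findings = []
    expected = {"enabled": "true", "appEnabled": "true",
                "enforceJava2Security": "false"}
    for attr, want in expected.items():
        if root.get(attr) != want:
            findings.append(f"{attr} is {root.get(attr)!r}, expected {want!r}")
    if reg is None or not reg.get(XMI + "type", "").endswith("WIMUserRegistry"):
        findings.append("active user registry is not federated repositories")
    return findings

def audit(ae_xml, ce_xml):
    """Check the AE flags, then compare the step 5 realm properties AE vs CE."""
    ae_root, ae_reg = load(ae_xml)
    _, ce_reg = load(ce_xml)
    findings = check_flags(ae_root, ae_reg)
    if ae_reg is not None and ce_reg is not None:
        # useRegistryServerId="false" is assumed to mean an auto-generated identity
        for p in ("realm", "primaryAdminId", "useRegistryServerId", "ignoreCase"):
            if ae_reg.get(p) != ce_reg.get(p):
                findings.append(f"{p}: AE={ae_reg.get(p)!r} CE={ce_reg.get(p)!r}")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(AE_XML, CE_XML)) or "no findings")
```

The repositories in the realm are not covered by this check; compare those in the console as described in step 5.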


Last updated: October 2015

© Copyright IBM Corporation 2013, 2015.