To enable LDAP communication between Application Engine and Content Engine, you must configure settings on the WebSphere® Application Server. It is recommended that the LDAP configuration settings match those set on the application server where Content Engine is installed.
About this task
Important: If you are using WebSphere Application Server Network Deployment and Application Engine is to be deployed where Content Platform Engine is deployed, you do not need to complete this task because you already configured LDAP as part of configuring Content Platform Engine.
To configure stand-alone Lightweight Directory Access Protocol (LDAP):
Procedure
- Open the WebSphere administrative console.
- Navigate to the security settings page at .
- Disable security by using the following Security settings:
  - Disable (clear) the Enable Administrative Security flag.
  - Disable (clear) the Enable application security flag.
  - Disable (clear) the Java 2 security flag.
- From the bottom of the panel, in the list called Available realm definitions, select Standalone LDAP registry and click Configure.
- Configure the LDAP provider to exactly match the corresponding settings on the Content Engine application server.
  Tip: Open the WebSphere administrative console for Content Engine to the same panels to see and copy all settings.
  - Primary administrative user name
  - Select Automatically generated server identity.
  - Type
  - Host
  - Port
  - Base distinguished name (DN)
  - Bind distinguished name (DN)
  - Bind password
- Configure the LDAP user registry settings to exactly match the corresponding settings on the Content Engine application server.
  Tip: Open the WebSphere administrative console for Content Engine to the same panel to see and copy all settings.
  - User filter
  - Group filter
  - User ID map
  - Group member ID map
  - Certificate map mode
  - Certificate filter
- Save these settings.
- Next to Available realm definitions, ensure that Standalone LDAP registry is still selected, and click Set as current.
- Set the following Security flags:
  - Enable (select) the Enable Administrative Security flag.
  - Enable (select) the Enable application security flag.
  - Disable (clear) the Java 2 security flag.
    The IBM® FileNet® P8 Platform utilizes LDAP-based security, and does not support Java™ 2 security. Enabling Java 2 security will cause unexpected behavior.
- Save your changes to the master configuration.
- Restart the WebSphere instance.
- Test the connection on the Standalone LDAP registry page. If the test fails, correct the error before proceeding. If it passes, click OK to return to the previous page.
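
The following Python check is an added example, not part of the IBM documentation: it compares the values copied from the Content Engine console with those entered for Application Engine, and verifies that the security flags end in the state the procedure requires. The dictionary layout, function names and sample values are assumptions; the field labels are the ones listed in the procedure.

```python
import hmac

# Field labels are the ones listed in the procedure; the dict layout is an assumption.
FIELDS = ["Primary administrative user name", "Type", "Host", "Port",
          "Base distinguished name (DN)", "Bind distinguished name (DN)",
          "User filter", "Group filter", "User ID map", "Group member ID map",
          "Certificate map mode", "Certificate filter"]
# Flag state the procedure ends in.
REQUIRED_FLAGS = {"Enable Administrative Security": True,
                  "Enable application security": True, "Java 2 security": False}

def compare_ldap_settings(content_engine, application_engine):
    """Return (field, problem) for every setting that does not match exactly."""
    findings = []
    for field in FIELDS:
        ce, ae = content_engine.get(field), application_engine.get(field)
        if ce is None or ae is None:
            findings.append((field, "missing on one side"))
        elif ce != ae:
            # Separate copy slips (case, stray spaces) from real differences.
            near = ce.strip().lower() == ae.strip().lower()
            findings.append((field, "differs only in case/whitespace" if near
                             else f"{ce!r} != {ae!r}"))
    ce_pw = content_engine.get("Bind password", "").encode()
    ae_pw = application_engine.get("Bind password", "").encode()
    # Constant-time comparison; the secret itself never enters the report.
    if not hmac.compare_digest(ce_pw, ae_pw):
        findings.append(("Bind password", "differs (value not shown)"))
    return findings

def check_security_flags(flags):
    """Return the flags whose value differs from the required final state."""
    return [n for n, want in REQUIRED_FLAGS.items() if flags.get(n) is not want]

# Constructed sample values, not taken from any real deployment.
CE = {"Primary administrative user name": "p8admin", "Type": "Custom",
      "Host": "ldap.example.test", "Port": "389", "Bind password": "constructed-secret",
      "Base distinguished name (DN)": "dc=example,dc=test",
      "Bind distinguished name (DN)": "cn=p8bind,dc=example,dc=test",
      "User filter": "(&(cn=%v)(objectclass=person))",
      "Group filter": "(&(cn=%v)(objectclass=groupOfNames))",
      "User ID map": "*:cn", "Group member ID map": "groupOfNames:member",
      "Certificate map mode": "EXACT_DN", "Certificate filter": ""}
AE = {**CE, "Port": "636", "Base distinguished name (DN)": "DC=example,DC=test ",
      "Bind password": "constructed-typo"}

if __name__ == "__main__":
    for field, problem in compare_ldap_settings(CE, AE):
        print(f"MISMATCH {field}: {problem}")
```

Running the check before the restart step catches a mismatch while the console is still open, and the bind password is reported only as matching or not.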