WebSphere Application Server Version 6 supports all Lightweight Directory Access Protocol (LDAP) dynamic and nested groups when using IBM Tivoli Directory Server. This function is enabled by default by taking advantage of a new feature in IBM Tivoli Directory Server. IBM Tivoli Directory Server uses the ibm-allGroups forward reference group attribute that automatically calculates all the group memberships including dynamic and recursive memberships for a user. Security directly locates a user group membership from a user object rather than indirectly search all the groups to match group members.
For more information, see Configuring dynamic and nested group support for the IBM Tivoli Directory Server.
Related concepts
Dynamic and nested group support for the SunONE or iPlanet Directory
Server
Locating a user's group memberships in Lightweight Directory Access
Protocol
Lightweight Directory Access Protocol
Dynamic groups and nested group support
Related tasks
Configuring dynamic and nested group support for the SunONE or iPlanet
Directory Server
Configuring dynamic and nested group support for the IBM Tivoli Directory
Server
Using specific directory servers as the LDAP server