WebSphere Application Server Network Deployment, Version 6.1
             Operating Systems: AIX, HP-UX, i5/OS, Linux, Solaris, Windows, z/OS

             Personalize the table of contents and search results

Creating a trusted user account in Tivoli Access Manager

Tivoli Access Manager trust association interceptors require the creation of a trusted user account in the shared LDAP user registry.

About this task

This account includes the ID and password that WebSEAL uses to identify itself to WebSphere Application Server. To prevent potential vulnerabilities, do not use the sec_master ID as the trusted user account and ensure that the password you use is unique and generated randomly. Use the trusted user account for the TAI or TAI++ only.

Procedure

  1. Use either the Tivoli Access Manager pdadmin command-line utility or Web Portal Manager to create the trusted user. For example, from the pdadmin command line.
  2. Reference the code listed below as an example for creating a trusted user account.
  3. Reference the following additional resources for more information:
    1. Configuring WebSEAL for use with WebSphere Application Server
    2. Configuring Tivoli Access Manager plug-in for Web servers for use with WebSphere Application Server

Example

pdadmin> user create webseal_userid webseal_userid_DN firstname 
         surname password

pdadmin> user modify webseal_userid account-valid yes



In this information ...


IBM Redbooks, demos, education, and more


Use IBM Suggests to retrieve related content from ibm.com and beyond, identified for your convenience.

This feature requires Internet access.

IBM Suggests
Task topic    

Terms of Use | Feedback

Last updated: Feb 25, 2009 9:32:38 AM CST
http://publib.boulder.ibm.com/infocenter/wasinfo/v6r1/index.jsp?topic=/com.ibm.websphere.nd.multiplatform.doc/info/ae/ae/tsec_sso_tam_user_create2.html