Configuring dynamic and nested group support for the SunONE or iPlanet
Directory Server
Configure dynamic and nested groups to simplify WebSphere® Application
Server security management and increase its effectiveness and flexibility.
Before you begin
To use dynamic and nested groups with WebSphere Application Server security,
you must be running WebSphere Application Server Version 5.1.1 or later.
Refer to Dynamic groups and nested group support for LDAP for
more information on this topic.
Procedure
In the administrative console for WebSphere Application Server, click Security >
Global security.
Under User account repository, click the Available realm definitions drop-down
list, select Standalone LDAP registry, and click Configure.
Select SunONE for the type of LDAP server.
Select the Ignore case for authorization option.
Under Additional Properties, click Advanced Lightweight Directory
Access Protocol (LDAP) user registry settings.
Change the Group filter setting to &(cn=%v)(objectclass=ldapsubentry)).
Change the Group member ID map setting to nsRole:nsRole.
Use IBM Suggests to retrieve related content from ibm.com and beyond, identified for your convenience.
This feature requires Internet access.
Most of the following links will take you to information that is not part of the formal product documentation and is provided "as is." Some of these links go to non-IBM Web sites and are provided for your convenience only and do not in any manner serve as an endorsement by IBM of those Web sites, the material thereon, or the owner thereof.
Last updated: Oct 21, 2010 3:36:59 AM CDT http://www14.software.ibm.com/webapp/wsbroker/redirect?version=compass&product=was-express-iseries&topic=tsecdynamicnestedgroupsun File name: tsec_dynamicnestedgroupsun.html