Configuring
dynamic and nested group support for the SunONE
or iPlanet Directory Server
Configure dynamic and
nested groups to simplify WebSphere® Application Server
security management
and increase its effectiveness and flexibility.
Before you begin
To use dynamic and
nested groups with WebSphere Application
Server security, you must be running WebSphere Application
Server Version 6.1 or later. Refer to Dynamic groups and nested group support for LDAP for more
information on this topic.
Procedure
In the administrative console for WebSphere Application
Server, click Security > Global security.
Under User account repository, click the Available realm
definitions drop-down list, select Standalone LDAP registry,
and click Configure.
Select SunONE for the type of LDAP server.
Select the Ignore case for authorization option.
Under Additional Properties, click Advanced Lightweight
Directory Access Protocol (LDAP) user registry settings.
Change the Group filter setting to &(cn=%v)(objectclass=ldapsubentry)).
Change the Group member ID map setting to nsRole:nsRole.
Use IBM Suggests to retrieve related content from ibm.com and beyond, identified for your convenience.
This feature requires Internet access.
Most of the following links will take you to information that is not part of the formal product documentation and is provided "as is." Some of these links go to non-IBM Web sites and are provided for your convenience only and do not in any manner serve as an endorsement by IBM of those Web sites, the material thereon, or the owner thereof.