Configure dynamic and
nested groups to simplify WebSphere® Application Server
security management
and increase its effectiveness and flexibility.
Before you begin
To use dynamic and
nested groups with WebSphere Application
Server security, you must be running WebSphere Application
Server Version 6.1 or later. Refer to
Dynamic groups and nested group support for LDAP for more
information on this topic.
Procedure
- In the administrative console for WebSphere Application
Server, click Security > Global security.
- Under User account repository, click the Available realm
definitions drop-down list, select Standalone LDAP registry,
and click Configure.
- Select SunONE for the type of LDAP server.
- Select the Ignore case for authorization option.
- Under Additional Properties, click Advanced Lightweight
Directory Access Protocol (LDAP) user registry settings.
- Change the Group filter setting to &(cn=%v)(objectclass=ldapsubentry)).
- Change the Group member ID map setting to nsRole:nsRole.
- Click Apply or OK to validate the
changes.