Disabling nested group searches
Follow these steps to disable nested group searches when logging on to WebSphere Application Server.
If you have several nested groups, to improve performance you might not want to retrieve all of the nested groups during login.
To disable nested group searches, at the wsadmin command
prompt, enter the following command:
wsadmin>$AdminTask configureAdminWIMUserRegistry {-customProperties {"com.ibm.ws.wim.registry.grouplevel=1"} }
The
custom property, com.ibm.ws.wim.registry.grouplevel is
added to the user registry object. The value of the group level is
set to 1, which retrieves only first level groups. If you do not set
the value of the group level, the default value of 0 is used, which
retrieves all nested groups.Note: In WebSphere Application Server 6.1, the configureAdminWIMUserRegistry
command is unavailable, hence you must manually edit the security.xml file
and add the entry, <properties xmi:id="VMMURProperty_1"
name="com.ibm.ws.wim.registry.grouplevel" value="1"/> as
shown next. The security.xml file is located
at: app_server_root\profiles\your_server_name\config\cells\your_cell\security.xml.
<userRegistries xmi:type="security:WIMUserRegistry"
xmi:id="WIMUserRegistry_1" serverId="" serverPassword="{xor}"
realm="defaultWIMFileBasedRealm" ignoreCase="true" useRegistryServerId="false"
primaryAdminId="uid=wasadmin,o=default organization"
registryClassName="com.ibm.ws.wim.registry.WIMUserRegistry">
<properties xmi:id="VMMURProperty_1" name="com.ibm.ws.wim.registry.grouplevel" value="1"/>
</userRegistries>