|
Problem |
Enabling WebSphere security in an NT
domain |
|
|
|
Solution |
1. When running WebSphere as a service
from the services panel, the id needs only to exist on the local
machine
2. In "Configure Global Security", the user
id/password, under the "User Registry" tab, must be valid to the NT
domain.
3. Always
restart the admin service after making
changes to security settings, with NT it may be advisable to reboot the
system if there problems.
4. When assigning user permissions and searching for a
particular user, the search may take several minutes especially if there
is a large number of users. This may make the search appear to be hung.
Using groups would be more efficent.
5. It does not matter which id was used to log onto
the NT server to start the service.
6. It also does not matter which id is used to access
DB2, even a local id to the NT server will work.
A good test to see if you are accessing the proper
user registry is to do the following:
From the Admin console, select "Configure Security
Permissions" and try to search for users or groups. If the search list
comes back empty results list then it is not setup properly.
You can also look in the sas.server.props file for the
following lines which should confirm which user name and domin is being
used.
com.ibm.CORBA.principalName=DOMAIN-XYZ/user1
com.ibm.CORBA.authenticationTarget=LOCALOS |
|
|
|
|
|
|