WebSphere Enterprise Service Bus, Version 6.0.1
Operating Systems: AIX, HP-UX, Linux, Solaris, Windows

Configuring Lightweight Directory Access Protocol (LDAP) as the user registry

By default, the user registry is the local operating system registry. If you prefer, you can use an external Lightweight Directory Access Protocol (LDAP) server as the user registry.

Why and when to perform this task

If you want WebSphere ESB to use an LDAP binding when authenticating users and performing other security-related tasks, you can configure LDAP as the user registry.

To configure LDAP as the user registry, use the administrative console to complete the following steps:

Steps for this task

  1. Display the LDAP User Registry configuration page.
    1. In the navigation pane, click Security > Global security.
    2. In the content pane, under User registries, click LDAP.
  2. Set the user name and password used to run WebSphere ESB for security purposes.

    In the Server user ID field, type the user name, and in the Server user password field, type the corresponding password. This user ID is not the LDAP administrator user ID. The entry should exist in the LDAP user registry.

  3. Choose the type of LDAP server you are using.

    From the Type list choose the specific LDAP server to use as your user registry.

  4. Enter the name of the machine where the LDAP server resides.

    In the Host field, enter the name of the server where the LDAP server resides.

  5. Enter the port number on which the LDAP server listens.

    In the Port field, enter the port number on which the LDAP server is listening.

  6. Enter the Base Distinguished Name.

    The base distinguished name (DN) of the directory service indicates the starting point for LDAP searches of the directory service.

    For authorization purposes, this field is case sensitive. This means that if a token is received (for example, from another cell or from Domino), the base DN in the server must match the base DN from the other cell or Domino server exactly. If case sensitivity is not a consideration for authorization, enable the Ignore case field. This field is required for all Lightweight Directory Access Protocol (LDAP) directories except for the Domino Directory, where this field is optional.

  7. Leave the remaining parameters with the default values and confirm your changes.

    Click OK.
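
A pre-flight check for the values entered in steps 2 through 6, as an added example that is not IBM code. `LdapRegistryPlan`, `check_plan`, the `"Domino"` type label and any DNs passed in are hypothetical, and the base DN comparison only models the exact-match rule described in step 6.

```python
import re
from dataclasses import dataclass

# One RDN such as "dc=example" (simplified: no multi-valued "+" RDNs, no OID types).
_RDN = re.compile(r"^\s*[A-Za-z][A-Za-z0-9.-]*\s*=\s*\S.*$")

@dataclass
class LdapRegistryPlan:      # hypothetical container; fields mirror the console page
    server_user_id: str
    ldap_type: str           # free-text label in this example, e.g. "Domino"
    host: str
    port: int
    base_dn: str
    ignore_case: bool = False

def split_dn(dn):
    """Split a DN on commas that are not backslash-escaped."""
    return [part for part in re.split(r"(?<!\\),", dn) if part.strip()]

def base_dn_matches(local, peer, ignore_case):
    """Model of step 6: exact match unless Ignore case is enabled."""
    return local.lower() == peer.lower() if ignore_case else local == peer

def check_plan(plan, ldap_admin_id, peer_base_dn=None):
    """Return a list of problems; an empty list means the plan passes."""
    problems = []
    if not plan.server_user_id.strip():
        problems.append("Server user ID is empty")
    elif plan.server_user_id.lower() == ldap_admin_id.lower():
        problems.append("Server user ID must not be the LDAP administrator ID")
    if not plan.host.strip():
        problems.append("Host is empty")
    if not 1 <= plan.port <= 65535:
        problems.append("Port is outside 1-65535")
    if not plan.base_dn.strip():
        # Step 6: the base DN is optional only for the Domino Directory.
        if plan.ldap_type.lower() != "domino":
            problems.append("Base DN is required for this LDAP type")
    elif not all(_RDN.match(rdn) for rdn in split_dn(plan.base_dn)):
        problems.append("Base DN is not a valid distinguished name")
    if peer_base_dn is not None and not base_dn_matches(
            plan.base_dn, peer_base_dn, plan.ignore_case):
        problems.append("Base DN does not match the peer cell's base DN")
    return problems
```

Pass `peer_base_dn` only when tokens are exchanged with another cell or Domino server, using that server's configured base DN.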

What to do next

The LDAP user registry is used if global security is switched on.



Last updated: 13 Dec 2005
http://publib.boulder.ibm.com/infocenter/dmndhelp/v6rxmx/index.jsp?topic=/com.ibm.websphere.wesb.doc\doc\tsec_ldap.html

(C) Copyright IBM Corporation 2005. All Rights Reserved.