WebSphere Application Server Version 6 supports all Lightweight Directory Access Protocol (LDAP) dynamic and nested groups when using IBM Tivoli Directory Server 4.1 and later. This function is enabled by default by taking advantage of a new feature in IBM Tivoli Directory Server. IBM Tivoli Directory Server V4.1 uses the ibm-allGroups forward reference group attribute that automatically calculates all the group memberships (including dynamic and recursive memberships) for a user. Security directly locates a user group membership from a user object rather than indirectly search all the groups to match group members.
Refer to Configuring dynamic and nested group support for the IBM Tivoli Directory Server for more information.
Related concepts
Dynamic and nested group support for the SunONE or iPlanet Directory
Server
Locating a user's group memberships in Lightweight Directory Access
Protocol
Lightweight Directory Access Protocol
Related tasks
Configuring dynamic and nested group support for the SunONE or iPlanet
Directory Server
Configuring dynamic and nested group support for the IBM Tivoli Directory
Server
Using specific directory servers as the LDAP server