By default, the user registry is the local operating system registry. If you prefer, you can use an external Lightweight Directory Access Protocol (LDAP) server as the user registry.
Why and when to perform this task
If you want WebSphere ESB to use an LDAP binding when authenticating users and performing other security-related tasks, you can configure LDAP as the user registry.
To configure LDAP as the user registry, use the administrative console to complete the following steps:
Steps for this task
- Display the LDAP User Registry configuration page.
  - In the navigation pane, click .
  - In the content pane, click [User registries] LDAP.
- Set the user name and password used to run WebSphere ESB for security purposes.
  In the Server user ID field, type the user name, and in the Server user password field, enter the corresponding password. This user ID is not the LDAP administrator user ID. The entry should exist in the LDAP user registry.
- Choose the type of LDAP server you are using.
  From the Type list, choose the specific LDAP server to use as your user registry.
- Enter the name of the machine where the LDAP server resides.
  In the Host field, enter the name of the server where the LDAP server resides.
- Enter the port number on which the LDAP server listens.
  In the Port field, enter the port number on which the LDAP server is listening.
- Enter the Base Distinguished Name.
  The base distinguished name (DN) of the directory service indicates the starting point for LDAP searches of the directory service.
  For authorization purposes, this field is case sensitive. This means that if a token is received (for example, from another cell or Domino), the base DN in the server must match the base DN from the other cell or Domino server exactly. If case sensitivity is not a consideration for authorization, enable the Ignore case field.
  The base distinguished name is required for all Lightweight Directory Access Protocol (LDAP) directories except for the Domino Directory, where it is optional.
- Leave the remaining parameters with the default values and confirm your changes.
  Click OK.
What to do next
The LDAP user registry is used if global security is switched on.