FreeKB - How to authenticate against an operating system, LDAP, or federated repository in WebSphere
How to authenticate against an operating system, LDAP, or federated repository in WebSphere
Home > Search > How-to

In the left panel of the WebSphere web console, expand Security and select Global security. Ensure administrative security is enabled. By default, the user account repository will be set to Local operating system.

 

A user account repository is the system that will be used to store and retrieve user account information (username, password, et cetera). There are 4 types of repositories that can be used.

  • Local operating system - get user accounts from the operating system
  • LDAP repository - get user accounts from an LDAP server
  • Federated repository - get user accounts from multiple systems, including WebSphere, LDAP, and Local Operating System
  • Custom repository

 

 

Federated repository

  1. In the left panel of the WebSphere web console, expand Security and select Global Security.
  2. Select Security Configuration Wizard.
  3. At Step 1, select Enable application security and select Next.
  4. At Step 2, select Federated repository and select Next.
  5. At Step 3, enter a username and password for the primary administrative user and select Next.
  6. At Step 4, select Finish.
  7. Select Save.

The repository will now be set to Federated repositories. Restart the Deployment Manager for the change to take effect.

 

The web console sign in screen should now have fields for both the username and password.

 

LDAP

  1. In the left panel of the WebSphere web console, expand Security and select Global Security.
  2. Select Security Configuration Wizard.
  3. At Step 1, select Enable application security and select Next.
  4. At Step 2, select Standalone LDAP registry and select Next.
  5. At Step 3, complete the form to use an LDAP server for authentication.
  6. At Step 4, select Finish.
  7. Select Save.

The repository will now be set to Standalone LDAP registry. Restart the Deployment Manager for the change to take effect.

 

The web console sign in screen should now have fields for both the username and password.

 

The global security settings are stored in the security.xml file which is located at /opt/IBM/WebSphere/server_name/profiles/profile_name/cells/cell_name/.

Add a Comment




We will never share your name or email with anyone. Enter your email if you would like to be notified when we respond to your comment.




Please enter in the box below so that we can be sure you are a human.




Comments

June 7th, 2018 by Addy
Thank you Jeremy for such post. I'm new to Websphere and I was unable to enable Enable Administrative Security in Websphere.. was getting error on UI-SECJ7716E Primary administrative user Id does not exist in the registry. This post helped me get going with ldap configuration.

June 8th, 2018 by Jeremy (moderator)
Hi Addy. I am very happy to know that this article was helpful, and I am also excited to know that you were able to configure WebSphere to authenticate against an LDAP repository. Great work!

FreeKB   |   2019   |   support@freekb.net