WPS: Autenticando Usuarios - Configurando um LDAP Federado
Vamos configurar a consulta a um diretório LDAP ao repositório federado, para armazenar informações sobre as contas de usuários.
Obs. 1: Verifique que os servidores server1 e WebSphere_Portal estejam executando antes de iniciar está tarefa.
Obs. 2: Veja exemplos em /opt/IBM/WebSphere/wp_profile/ConfigEngine/config/helpers
Passos
1. Backup dos arquivos de configuração
Vá para o diretório
/opt/IBM/WebSphere/wp_profile/ConfigEngine/properties
faça um backup dos arquivos wkplc.properties
cp wkplc.properties wkplc.properties_antesLDAP
2. Definições no arquivo wkplc.properties
Edite o arquivo wkplc.properties e defina o seguinte:
- Na seção VMM Federated LDAP Properties
# The id specifies a unique identifier for the repository within the cell # Characters that are not allowed in normal XML strings ( & < > " ' ) cannot be used in the repository ID. federated.ldap.id=ldap1EmpresaX # Specifies the host name of the primary LDAP server. This host name is either an IP address or a domain name service (DNS) name. federated.ldap.host=ldapserver.empresax.com.br # Specifies the LDAP server port. federated.ldap.port=389 # Specifies the distinguished name for the application server to use when binding to the LDAP repository. federated.ldap.bindDN=cn=wpsbind,o=empresax # Specifies the password for the application server to use when binding to the LDAP repository. federated.ldap.bindPassword=ReplaceWithYourPwd # Specifies the type of LDAP server to which you connect # This must be one of the following values: SECUREWAY,IDS4,IDS51,IDS52,IDS6,ZOSDS,DOMINO5,DOMINO6, DOMINO65,DOMINO7,NDS,SUNONE,AD2000,AD2003,ADAM,CUSTOM federated.ldap.ldapServerType=DOMINO7 # The LDAP base entry. federated.ldap.baseDN=o=empresax
- Na seção LDAP entity types
# Entity type Group # The search filter that you want to use to search the entity type. # VMM uses this filter as an addition during search requests in your environment # The syntax is like a standard LDAP searchfilter like (objectclass=dominoGroup) # In general this value can be left blank federated.ldap.et.group.searchFilter= # One or more object classes for the entity type. federated.ldap.et.group.objectClasses=dominoGroup # The object class to use when an entity type is created. If the value of this parameter is the same as the objectClass parameter, you do not need to specify this parameter. federated.ldap.et.group.objectClassesForCreate= # The search base or bases to use while searching the entity type. federated.ldap.et.group.searchBases=
# Entity type PersonAccount # The search filter that you want to use to search the entity type. # VMM uses this filter as an addition during search requests in your environment # The syntax is like a standard LDAP searchfilter like (objectclass=dominoPerson) # In general this value can be left blank federated.ldap.et.personaccount.searchFilter= # One or more object classes for the entity type. federated.ldap.et.personaccount.objectClasses=dominoPerson # The object class to use when an entity type is created. If the value of this parameter is the same as the objectClass parameter, you do not need to specify this parameter. federated.ldap.et.personaccount.objectClassesForCreate= # The search base or bases to use while searching the entity type. federated.ldap.et.personaccount.searchBases=