Adding Application Specific Attributes To Users And Groups - IBM BS029ML - WebSphere Portal Server Self Help Manual

Self help guide

In the following discussion, we assume the user IDs used for the purposes above are all
different. After the discussion, readers can easily extrapolate to the cases where one user ID
plays multiple roles.
The portal admin user's password is not stored in any of the portal databases, unless
security is enabled using the database as the user registry, such as the default WMMUR DB.
So the password of the portal admin user can be changed through the portal Edit My Profile
page, if the portal is configured to allow it, or can be changed directly in the LDAP
server. After the password change, the portal admin user should work fine, but you may find
exceptions during the portal startup. These are caused by RunAs roles configured on some of
the enterprise applications deployed on the Application Server. Check the ones listed here:
LWP_CAI
LWP_Security_ext
LWP_TAI
pznscheduler.ear
The portal admin user ID and the group DN cannot be simply replaced without
re-configuring security, which mainly involves disabling security, modifying LDAP
information in wpconfig.properties, and re-enabling security.
The WebSphere Application Server admin user can be a little trickier, since the password is
stored in configuration XML files. Timing is the key. The password should be updated in the
Administrative Console. Before the password is changed in LDAP, you must have the
Application Server running and already be logged in to the Administrative Console. After the
password is changed on the LDAP server, you can then change the password in the
Administrative Console. Restart the server to make sure the change is successful. Within a
cluster, the password should be changed through the Deployment Manager.
The process of changing the password of LDAPBindID is similar to that of the WebSphere
Application Server admin user.
The password for the WMM bind user ID (LDAPAdminUId) must be encrypted by using
wmm_encrypt.bat/.sh, and written into wmm.xml (adminPassword).

4.2.4 Adding application specific attributes to users and groups

With an LDAP server configuration, a set of default attributes has already been defined
based on a standard objectclass, such as inetOrgPerson for users. In many cases, the
applications require new attributes that are not available in the standard objectclass. There
are a couple of ways to accomplish this task.
Chapter 4. WebSphere Portal security
This manual is also suitable for:

WebSphere Portal v6