Configure dynamic and nested group support for the SunONE or iPlanet Directory Server

 

Configure dynamic and nested group support for the SunONE or iPlanet Directory Server

Configure dynamic and nested groups to simplify WebSphere Application Server security management and increase its effectiveness and flexibility.

To use dynamic and nested groups with WebSphere Application Server security, be running WebSphere Application Server Version 5.1.1 or later. Refer to Dynamic and nested group support for the SunONE or iPlanet Directory Server for more information on this topic.

 

Procedure

  1. In the administrative console for WebSphere Application Server, click Security > Global security.

  2. Under User registries, click LDAP.

  3. Select SunONE for the type of LDAP server.

  4. Select the Ignore case for authorization option.

  5. Under Additional Properties, click Advanced Lightweight Directory Access Protocol (LDAP) user registry settings.

  6. Change the Group filter setting to &(cn=%v)(objectclass=ldapsubentry)).

  7. Change the Group member ID map setting to nsRole:nsRole.

  8. Click Apply or OK to validate the changes.



 

Related concepts


Dynamic groups and nested group support for the IBM Tivoli Directory Server
Lightweight Directory Access Protocol user registries

 

Related tasks


Locating a user’s group memberships in Lightweight Directory Access Protocol
Configuring dynamic and nested group support for the IBM Tivoli Directory Server
Using specific directory servers as the LDAP server
Configuring Lightweight Directory Access Protocol user registries