Reference - wkplc.properties
The following are general notes about the wkplc.properties file:
- Do NOT enclose any value in quotes
- Windows paths must use forward slashes (/) instead of backslashes (\)
- Windows long paths are okay
- Properties are immutable. After they are set they cannot be overridden
Precedence is as follows, in descending order:
- Properties set on the command line are read first, for example -DMyNode=somenode
- Properties set in the properties file are read next
- Properties set in the build file are read last
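The general notes above can be checked mechanically before a task is run. The following is an added example, not IBM code: it lints a properties file for quoted values and backslashes, resolves the three sources with the first definition winning, and reports which source supplies each password property. The sample file, arguments, build-file defaults and all function names are constructed for illustration.

```python
import re

# Constructed sample input (not a real configuration).
SAMPLE_FILE = r"""
# wkplc.properties (constructed)
WasHome=C:\WebSphere\AppServer
WasUserHome=C:/WebSphere/wp_profile
PortalAdminId="uid=wpsadmin,cn=users,dc=yourco,dc=com"
MyNode=filenode
WasPassword=from-file
WasSoapPort=10005
"""
SAMPLE_ARGS = ["some_task", "-DMyNode=somenode", "-DWasPassword=from-cli"]
SAMPLE_BUILD = {"MyNode": "buildnode", "VirtualHostName": "default_host"}


def parse_properties(text):
    """Return (key, value, line_no) triples; blank and '#'/'!' lines are skipped."""
    entries = []
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line[0] in "#!" or "=" not in line:
            continue
        key, value = line.split("=", 1)
        entries.append((key.strip(), value.strip(), no))
    return entries


def lint(entries):
    """Flag violations of the general notes: quoted values, backslashes, repeats."""
    findings, seen = [], set()
    for key, value, no in entries:
        if len(value) >= 2 and value[0] == value[-1] and value[0] in "\"'":
            findings.append((no, key, "quoted"))
        if "\\" in value:
            findings.append((no, key, "backslash"))
        if key in seen:
            findings.append((no, key, "duplicate"))
        seen.add(key)
    return findings


def parse_cli(args):
    """Extract -Dname=value pairs from a ConfigEngine-style argument list."""
    pairs = []
    for arg in args:
        if arg.startswith("-D") and "=" in arg:
            key, value = arg[2:].split("=", 1)
            pairs.append((key, value))
    return pairs


def resolve(args, properties_text, build_defaults):
    """Apply the documented order; a property that is already set is never replaced."""
    sources = [
        ("command line", parse_cli(args)),
        ("properties file", [(k, v) for k, v, _ in parse_properties(properties_text)]),
        ("build file", list(build_defaults.items())),
    ]
    resolved, origin, shadowed = {}, {}, []
    for name, pairs in sources:
        for key, value in pairs:
            if key in resolved:
                # Immutable: record the ignored definition and where the winner came from.
                shadowed.append((key, name, origin[key]))
                continue
            resolved[key], origin[key] = value, name
    return resolved, origin, shadowed


def credential_sources(origin):
    """Map each password-like property to the source that set it."""
    return {k: src for k, src in origin.items() if re.search(r"(?i)(password|pwd)$", k)}


if __name__ == "__main__":
    for no, key, code in lint(parse_properties(SAMPLE_FILE)):
        print(f"line {no}: {key}: {code}")
    resolved, origin, shadowed = resolve(SAMPLE_ARGS, SAMPLE_FILE, SAMPLE_BUILD)
    for key, loser, winner in shadowed:
        print(f"{key}: definition in {loser} ignored, already set by {winner}")
    print(credential_sources(origin))
```

A password that resolves to the command line is also visible in the process list and shell history of the host, so the credential report is worth reviewing before the task is scripted.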
General Properties
EngineInstallLocation
Set by the installer. Should not be changed. The value of this property is the location of the ConfigEngine root
Value(s): Directory path with elements delimited by forward slashes (/)
Example: i5/OS: /QIBM/UserData/WebSphere/AppServer/V61/ND/profiles/wp_profile/ConfigEngine
Default: c:/IBM/ConfigEngine
WasSoapPort
The port used to connect to the WAS with remote connections
Value(s): Numeric string
Example:
Default: 10005
WasRemoteHostName
Host name of the server that makes WAS connections.
Value(s): Host name including the domain
Example: my_host_name.mydomain.com
Default: none
WAS Properties
VirtualHostName
The name of the WAS virtual host
Value(s): Alphanumeric text string
Example:
Default: default_host
WasUserid
The user ID for WAS security authentication. For an LDAP configuration this should be the fully qualified distinguished name (DN) of a current administrative user for the WAS. For a configuration using Virtual Manager User Registry database the short version of the distinguished name must be used.
Value(s): Alphanumeric text string. Type the value in lower case, regardless of the case used in the distinguished name (DN).
Example: The following examples are for LDAP security. For LDAP configuration this value should not contain spaces.
Tivoli Directory Server: uid=wpsbind,cn=users,dc=yourco,dc=com
Lotus Domino: cn=wpsbind,o=yourco.com
Active Directory: cn=wpsbind,cn=users,dc=yourco,dc=com
Active Directory Application Mode: cn=wpsbind,cn=users,dc=yourco,dc=com
Sun Java System Directory Server: uid=wpsbind,ou=people,o=yourco.com
Novell eDirectory: uid=wpsbind,ou=people,o=yourco.com
Custom User Registry: wpsbind
Default: wpsadmin
WasPassword
The password for WAS security authentication. The WasPassword parameter can be specified in this file or you can pass it on the command line using the -DWasPassword=password string.
Value(s): Alphanumeric text string
Example:
Default: none
WasHome
The directory where WAS product files are installed. The installation program sets this value based on user input during installation.
Value(s): Directory path with elements delimited by forward slashes (/)
Example: An example is provided for each operating system:
i5/OS: WasHome=/QIBM/ProdData/WebSphere/AppServer/V61/ND
UNIX: WasHome=/opt/IBM/WebSphere/AppServer
Windows: WasHome=C:/WebSphere/AppServer
Default: default values are operating system unique and specific
WasUserHome
The directory where WAS user data is created. The installation program sets this value based on user input during installation.
Value(s): Directory path with elements delimited by forward slashes (/)
Example: Examples are provided for each operating system:
i5/OS: /QIBM/UserData/WebSphere/AppServer/V61/ND/profiles/wp_profile
UNIX: /opt/IBM/WebSphere/wp_profile
Windows: WasUserHome=C:/WebSphere/wp_profile
Default: default values are operating system unique and specific
ProfileName
The name of the WAS profile
Value(s): Alphanumeric text string
Example:
Default: wp_profile
CellName
The name of the WAS cell where the WAS belongs.
Value(s): Alphanumeric text string
Example:
Default: portswps
NodeName
Node within the WAS cell where the WAS belongs. This value must be unique among other node names in the same cell. Typically this value is the same as the host name for the computer.
Value(s): Alphanumeric text string
Example:
Default: portswps
ServerName
The name of the appserver where the WebSphere Portal application is deployed. This value must be unique among other appserver names in the same cell.
Value(s): Alphanumeric text string
Example:
Default: WebSphere_Portal
WasAdminServer
Name of the appserver for administration. For i5/OS, if your WAS profile was created with a different WAS administrative server name, you should change this value to reflect that.
Value(s): Alphanumeric text string
Example:
Default: default values are unique for each operating system.
Windows and Unix: WasAdminServer=server1
i5/OS: WasAdminServer=profile_name
LTPAPassword
Password to encrypt and decrypt the LTPA keys.
Value(s): Alphanumeric text string
Example:
Default: none
wasJvmBitType
Solaris specific property that specifies whether to use the 64 bit or 32 bit JVM.
Value(s):
Example:
The following examples are for 32bit JVM:
wasJvmBitType=sparc32
wasJvmBitType=x86
wasJvmBitType=ia32
The following examples are for 64bit JVM:
wasJvmBitType=sparc64
wasJvmBitType=x64
Default: sparc32
Portal Configuration Properties
WpsInstallLocation
The directory where WebSphere Portal is installed.
Value(s): Directory path with elements delimited by forward slashes (/)
Example: Examples are provided for each operating system:
i5/OS: WpsInstallLocation=/QIBM/UserData/WebSphere/AppServer/V61/ND/profiles/wp_profile/PortalServer
UNIX: WpsInstallLocation=/opt/IBM/WebSphere/PortalServer
Windows: WpsInstallLocation=C:/IBM/WebSphere/Portal
Default: default values are operating system specific
WpsHostName
The fully qualified host name of the Web server that WAS is configured to use. This value is set by the installation program based on user input during installation.
Value(s): host name, including the domain.
Example: The following example is the host name for: http://HostName.Domain.com:Port/ContextRoot/DefaultHome
WpsHostName=HostName.Domain.com
Default: localhost
WpsHostPort
Transport port number used to access the host machine identified by the WpsHostName property.
Value(s): port number
i5/OS: 80
UNIX: 10038
Windows: 80
Example:
Default: default values are operating system specific
PortalAdminId
User ID for the WebSphere Portal Administrator. The installation program sets this value based on user input during installation.
A valid user ID contains only ASCII characters and can contain the following characters:
- Lower case characters a-z
- Upper case characters A-Z
- Numbers 0-9
- Exclamation point !
- Open parenthesis (
- Close parenthesis )
- Dash -
- Period .
- Question mark ?
- Open bracket [
- Close bracket ]
- Underscore _
- Grave accent `
- Tilde ~
The user ID cannot contain a space: for example, user ID; and cannot be longer than 200 characters.
(UNIX only) Some tasks may require you to enter the fully qualified user ID. If your fully qualified user ID contains a space; for example:
cn=wpsadmin,cn=users,l=SharedLDAP,c=US,ou=Lotus,o=Software Group,dc=ibm,dc=com
... place the fully qualified user ID in the properties file or into a parent properties file instead of as a flag on the command line.
For example, create a parent properties file called mysecurity.properties, enter the fully qualified user ID, and then run the task: ./ConfigEngine.sh task_name -DparentProperties=/opt/mysecurity.properties.
(Windows only) Some tasks may require you to enter the fully qualified user ID. If your fully qualified user ID contains a space; for example:
cn=wpsadmin,cn=users,l=SharedLDAP,c=US,ou=Lotus,o=Software Group,dc=ibm,dc=com
... place quotes around the fully qualified user ID before running the task; for example...
"cn=wpsadmin,cn=users,l=SharedLDAP,c=US,ou=Lotus,o=Software Group,dc=ibm,dc=com"
Value(s):
Example:
Development configuration without security: PortalAdminId=wpsadmin
IBM Directory Server: uid=<portaladminid>,cn=users,dc=yourco,dc=com
Domino: cn=<portaladminid>,o=yourco.com
Active Directory: cn=<portaladminid>,cn=users,dc=yourco,dc=com
Active Directory AM: cn=<portaladminid>,cn=users,dc=yourco,dc=com
SunOne: uid=<portaladminid>,ou=people,o=yourco.com
Novell eDirectory: uid=<portaladminid>,ou=people,o=yourco.com
Default: wpsadmin
PortalAdminPwd
Password for the WebSphere Portal Administrator. The installation program sets this value based on user input during installation.
The password cannot contain a space: for example, pass word; and cannot be longer than 128 characters.
Value(s):
Example:
Default: none
PortalAdminGroupId
Group ID for the WebSphere Portal Administrator group. The installation program sets this value based on user input during installation.
Value(s): Make sure to type the value in lower case, regardless of the case used in the distinguished name (DN). Alphanumeric text string, conforming to the LDAP distinguished name format
Example: The following are examples for each LDAP. In the examples, portaladmingroupid is a variable value that should be modified for your environment.
IBM Directory Server: PortalAdminGroupId=cn=portaladmingroupid,cn=groups,dc=yourco,dc=com
Domino: PortalAdminGroupId=cn=portaladmingroupid
Active Directory: PortalAdminGroupId=cn=portaladmingroupid,cn=groups,dc=yourco,dc=com
Active Directory AM: PortalAdminGroupId=cn=portaladmingroupid,cn=groups,dc=yourco,dc=com
SunOne: PortalAdminGroupId=cn=portaladmingroupid,ou=groups,o=yourco.com
Novell eDirectory: PortalAdminGroupId=cn=portaladmingroupid,ou=groups,o=yourco.com
Custom user registry: PortalAdminGroupId=cn=wpsadmins,o=default organization
Development configuration without security: PortalAdminGroupId=wpsadmins
Default: wpsadmins
PortalUniqueID
The 12 hex digits unique to this WebSphere Portal instance. Usually a MAC address from a communications adapter on this node. It is used for the object ID creation mechanism and has to be different for each node. Only nodes running on one machine may have the same PortalUniqueID.
Value(s): 12 digits
Example:
Default: 00054E48AA0C
WpsContextRoot
The WebSphere Portal context root or base URI. All URLs beginning with this path will be reserved for WebSphere Portal. The value of this property is part of the URL used to access WebSphere Portal from a browser. In the following URL, wps is the context root: http://localhost:80/wps/portal.
Value(s): Alphanumeric text string
Example:
Default: wps
WpsHostBasePort
Required for iSeries only. The port block that will be used for WebSphere Portal Server
Value(s): port number
Example:
Default: 10000
WpsHostOldPort1=9080
WpsHostOldPort2=9090
WpsHostSSLOldPort1=9043
WpsHostSSLOldPort2=9443
SMFLibrary
Required for z/OS only. The library where the ifaedjreg.jar file resides
Value(s):
Example:
Default: none
SMFNativeLibrary
Required for z/OS only. The library where the SMF DLLs reside.
Value(s):
Example: none available
Default: none
ServerShortName
Required for z/OS only. ServerShortName is the server's jobname, as specified in the MVS START command JOBNAME parameter. JOBNAME is the name of the task or script that runs when the server is running. MVS (Multiple Virtual Storage) is the name of the operating system that runs on the mainframe. This value is also passed as a parameter to the server's start procedures to specify the location of the server's configuration files and identify the server to certain WebSphere for z/OS-exploited z/OS facilities (for example, SAF).
Value(s): The name must be 7 or fewer characters and all uppercase.
Example: ServerShortName=SAF
Default: BBOS002
ClusterTransitionName
Required for z/OS only. The cluster transition name is the WLM APPLENV (WLM application environment) name for this server.
Value(s): The name must be 8 or fewer characters and all uppercase.
Example:
Default: BBOC002
WpsSMPEHomeDirectory
Required for z/OS only. WpsSMPEHomeDirectory is the location of the SMP/E install image for the WebSphere Portal SMP/E package.
Value(s):
Example:
Default: none
Portal Cluster Properties
ClusterName
Use this property to specify the cluster name you want to use when creating the cluster. Do not use spaces or special characters in the cluster name.
Value(s):
Example:
Default: PortalCluster
PushFrequency
Time, in seconds, to wait before pushing new or modified cache entries to other servers.
Value(s): 1 or greater
Example: 1
Default: 1
ReplicationType
Global sharing policy for this appserver. Push only sends the cache ID and cache content of new content to all other servers in the replication domain.
Value(s): PUSH
Example:
Default: PUSH
PrimaryNode
Set PrimaryNode to true if this is the primary node in the cluster. Set PrimaryNode to false if this is a secondary node.
Value(s): true false
Example:
Default: true
Stepup Authentication
sua_user
Defines the key which is used to encrypt the Cookie information. The value does not need to match to a real user.
For example, you can use myname as the value.
Value(s):
Example:
Default: none
sua_serversecret_password
This value is used as an encryption key for the information used in the RememberMe cookie, which is part of the step-up authentication. This does not need to be an existing password. For example, you can use mypassword as the value.
Value(s):
Example:
Default: none
enable_rememberme
Defines if Rememberme should be enabled when the enable-stepup-authentication task is run.
Value(s): true false
Example:
Default: true
Virtual Portal Configuration
VirtualPortalTitle
This value will be the title of the Virtual Portal.
Value(s):
Example:
Default: none
VirtualPortalRealm
This value is the realm used for the virtual portal defined in VirtualPortalTitle.
Value(s):
Example:
Default: none
VirtualPortalHostName
DNS name of the virtual portal. The virtual portal can be referenced by the DNS name instead of the URL prefix. When the value is left blank, a virtual portal will use the common DNS name used by all portals.
Value(s): DNS hostname
Example:
Default: none
VirtualPortalContext
A unique portal context must be provided for the Virtual Portal. If you set the host name parameter (VirtualPortalHostName), the portal context is ignored. A virtual portal can either be accessed by a DNS/Hostname or a URL prefix. When both a DNS/Hostname and URL prefix are provided, the DNS/Hostname will be used for the VirtualPortalContext.
Value(s): URL prefix
Example:
Default: none
VirtualPortalNlsFile
An optional file which contains language specific information for the Virtual Portal. Create an NLS file to specify additional titles and descriptions in other languages for your Virtual Portal. Descriptions can only be provided in an NLS file. Do not use prefixes in that NLS file. If you do not specify an NLS file, the Virtual Portal is created with the title that you give as the value to the VirtualPortalTitle parameter only. Titles and descriptions are not created for other languages. However, if you specify an NLS file, the value given for the virtual portal title in the NLS file overrides the value that you provide for the VirtualPortalTitle property. If you want to create a description for the virtual portal, you have to specify this in a national language support (NLS) file. If you want to modify the title or description of the Virtual Portal, you have to add the new title and description to the NLS file.
Value(s): The path and file name of your NLS file.
Example:
Default: none
VirtualPortalObjectId
Object ID of the virtual portal. The object ID is required to modify and delete Virtual Portals. To determine what this value is, run the following task: list-all-virtual-portals. Do not delete the default Virtual Portal. The Object ID for the default Virtual Portal ends with _0.
Value(s):
Example:
Default: none
General Portal Security Properties
ignoreDuplicateIDs
Set this value to true to recover from an incomplete LDAP repository creation if the repository cannot be deleted.
Value(s): true false
Example:
Default: false
trimSpaces
Set this value to false and add the attribute to the security ANT target in order to contain trailing spaces of attributes defined in this file.
Value(s): true false
Example:
Default: true
Federated Security Properties
Add or update an LDAP
federated.ldap.id
Unique identifier for the repository within the cell. During an update, this value must match the ID of the repository to be updated. Characters that are not allowed in normal XML strings ( & < > " ' ) cannot be used in the repository ID.
Value(s):
Example:
Default: none
federated.ldap.host
Host name of the primary LDAP server. This host name is either an IP address or a domain name service (DNS) name. During an update, this value must match the ID of the repository to be updated.
Value(s): IP address or domain service name
Example:
Default: none
federated.ldap.port
LDAP server port.
Value(s):
Example:
Default: 389
federated.ldap.bindDN
Distinguished name for the appserver to use when binding to the LDAP repository.
Value(s):
Example: cn=wpbindad,ou=AdUsers,ou=PortalUsers,ou=Users,ou=Ops,dc=mycompany,dc=com
Default: none
federated.ldap.bindPassword
Password for the appserver to use when binding to the LDAP repository.
Value(s):
Example:
Default: none
federated.ldap.ldapServerType
Type of LDAP server to which you connect. If your LDAP server version is not listed, enter the value for the highest listed version of your server.
For example use AD2003 if you have Active Directory 2008.
Value(s):
WAS 6.0 must be one of the following values:
SECUREWAY,IDS4,IDS51,IDS52,IDS6,ZOSDS,DOMINO5,DOMINO6,DOMINO65,DOMINO7,NDS,SUNONE,AD2000,AD2003,ADAM,CUSTOM
WAS 7.0 must be one of the following values: IDS, ZOSDS, DOMINO, NDS, SUNONE, AD, ADAM, CUSTOM
Example:
Default: none
federated.ldap.baseDN
LDAP base entry.
Value(s):
Example:
Default: none
LDAP entity types
The supported entity types are Group and PersonAccount.
Group entity type:
default searchFilter = <empty>
default objectClasses = groupOfNames
default objectClassesForCreate = groupOfNames
default searchBases = <empty>
PersonAccount entity type:
default searchFilter = <empty>
default objectClasses = inetOrgPerson
default objectClassesForCreate = inetOrgPerson
default searchBases = <empty>
Group entity type
federated.ldap.et.group.searchFilter
Search filter that you want to use to search the entity type. VMM uses this filter as an addition during search requests in your environment. The syntax is like a standard LDAP searchfilter. If this parameter is blank, WMM will formulate the filter as (&(uid=*)(objectClass=user))
Value(s): an LDAP search filter
Example: federated.ldap.et.group.searchFilter=(objectclass=groupOfUniqueNames)
Default: no default
federated.ldap.et.group.objectClasses
One or more object classes (separated by ';') for the entity type.
Value(s): object classes
Example:
Default: groupOfUniqueNames
federated.ldap.et.group.objectClassesForCreate
One or more object classes (separated by ';') to use when an entity type is created. If the value of this parameter is the same as the objectClass parameter, you do not need to specify this parameter.
Value(s): object classes
Example:
Default: no default
federated.ldap.et.group.searchBases
Search base or bases to use while searching the entity type. Multiple search bases are separated by semicolon (";"). If search bases are not specified, then VMM will search under the nodes defined in nodeMaps tag. Therefore you can improve performance if you specify search bases, limiting or reducing the number of search bases. If this is a multiple virtual portal environment, the realm definition of the virtual portal overwrites the searchBase for the objectType. To keep virtual portals that do not have a realm assigned to them functional, keep the searchBase in sync with the nodes where you want your search to start.
Value(s): One or more search bases
Example: federated.ldap.et.group.searchBases="cn=users1,dc=yourco,dc=com;cn=users2,dc=yourco,dc=com"
Default: no default
PersonAccount entity type
federated.ldap.et.personaccount.searchFilter
Search filter that you want to use to search the entity type. WMM uses this filter as an addition during search requests in your environment. The syntax is like a standard LDAP search filter. If this parameter is blank, WMM will formulate the filter as (&(uid=*)(objectClass=user))
Value(s): LDAP search filter
Example: federated.ldap.et.personaccount.searchFilter=(objectclass=inetOrgPerson)
Default: no default
federated.ldap.et.personaccount.objectClasses
One or more object classes (separated by ';') for the entity type.
Value(s): object classes
Example: none available
Default: inetorgperson
federated.ldap.et.personaccount.objectClassesForCreate
One or more object classes (separated by ';') to use when an entity type is created. If the value of this parameter is the same as the objectClass parameter, you do not need to specify this parameter.
Value(s): object classes
Example: none available
Default: no default
federated.ldap.et.personaccount.searchBases
Search base or bases to use while searching the entity type. Multiple search bases are separated by semicolon (";"). If search bases are not specified, then WMM will search under the nodes defined in nodeMaps tag. Therefore you can improve performance if you specify search bases, limiting or reducing the number of search bases.
Value(s): object classes
Example: federated.ldap.et.personaccount.searchBases=cn=users1,dc=yourco,dc=com;cn=users2,dc=yourco,dc=com
Default: no default
Group member attributes
federated.ldap.gm.groupMemberName
The name of the LDAP attribute used as the group member attribute.
Value(s): group member attribute
Example:
federated.ldap.gm.groupMemberName=uniqueMember
federated.ldap.gm.groupMemberName=Member
Default: uniqueMember
federated.ldap.gm.objectClass
The group object class that contains the member attribute. If not defined, the member attribute applies to all group object classes.
Value(s):
Example:
federated.ldap.gm.objectClass=groupOfNames
federated.ldap.gm.objectClass=groupOfUniqueNames
Default: groupOfUniqueNames
federated.ldap.gm.scope
Scope of the member attribute.
Value(s): Valid values include...
direct - Contains direct members.
nested - Contains direct and nested members.
Example: federated.ldap.gm.scope=nested
Default: direct
federated.ldap.gm.dummyMember
If you create a group without specifying a member, a dummy member will be filled in to avoid creating an exception about missing a mandatory attribute. For Active Directory, Sun One and Novell eDirectory servers, the value has to be empty or point to an existing entry in the LDAP directory.
Value(s): none available
Example:
Default: uid=dummy
federated.ldap.gc.name
Name of the membership attribute.
Value(s):
Example:
Active Directory: federated.ldap.gc.name=memberOf
IBM Directory Server: federated.ldap.gc.name=ibm-allGroups
Default: none
federated.ldap.gc.updateGroupMembership
Updates the group membership if the member is deleted or renamed. Some LDAP servers, such as Domino server, do not clean up the membership of the user when a user is deleted or renamed. If you choose these LDAP server types in the ldapServerType property, the value of this parameter is set to true. Use this parameter to change the value.
Value(s):
Example:
Default: false
federated.ldap.gc.scope
Scope of the membership attribute.
Value(s): Valid values include...
direct - Contains direct groups.
nested - Contains direct and nested groups.
all - Contains direct groups, nested groups, and dynamic members.
Example: federated.ldap.gc.scope=all
Default: direct
federated.ldap.adapterClassName
The implementation class name for the repository adapter.
Value(s): class name
Example:
Default: com.ibm.ws.wim.adapter.ldap.LdapAdapter
federated.ldap.supportSorting
Indicates if sorting is supported or not.
Value(s): true false
Example:
Default: false
federated.ldap.supportTransactions
Indicates if transactions are supported or not.
Value(s): true false
Example:
Default: false
federated.ldap.isExtIdUnique
Specifies if the external ID is unique.
Value(s): true false
Example:
Default: true
federated.ldap.supportExternalName
Indicates if external names are supported or not.
Value(s): true false
Example:
Default: false
federated.ldap.sslEnabled
Specifies whether secure socket communication is enabled to the LDAP server. When enabled (true), the SSL settings for LDAP are used.
Value(s): true false
Example:
Default: false
federated.ldap.sslConfiguration
Name of the appserver SSL configuration (such as mySSLconfig) to be used for SSL enabled LDAP server. Application Server SSL configuration names can be found in Administrative console at Security-SSL certificate and key management. This property is used to specify a non default SSL configuration if federated.ldap.sslEnabled=true.
Value(s):
Example:
Default: none
federated.ldap.certificateMapMode
Specifies whether to map X.509 certificates into a LDAP directory by exact distinguished name or certificate filter. Specify the certificate filter to use the specified filter for the mapping, if client certificate authentication is used for portal server.
Value(s): EXACT_DN, CERTIFICATE_FILTER
Example:
Default: EXACT_DN
federated.ldap.certificateFilter
Filter is used to map attributes in the client certificate to entries within the LDAP repository. Specifies the filter certificate mapping property for the LDAP filter, if client certificate authentication is used for portal server.
Value(s): The syntax or structure of this filter is: LDAP attribute=$Client certificate attribute
Example: federated.ldap.certificateFilter=uid=$SubjectCN
Default: none
federated.ldap.supportPaging
Indicates if paging is supported or not.
Value(s): true false
Example:
Default: false
federated.ldap.authentication
Indicates the authentication method to use.
Value(s): Valid values include the following: none, strong, simple
Example:
Default: simple
federated.ldap.loginProperties
Indicates the property name used for login.
Value(s):
Example: federated.ldap.loginProperties=cn
Default: uid
federated.ldap.referral
LDAP referral.
Value(s): Valid values include the following: ignore, follow, throw, or false.
Example:
Default: ignore
federated.ldap.derefAliases
Controls how aliases are dereferenced.
Value(s): Valid values include the following:
always - always dereference aliases
never - never dereference aliases
finding - dereference aliases only during name resolution
searching - dereference aliases only after name resolution
Example: federated.ldap.derefAliases=never
Default: always
federated.ldap.connectionPool
Connection pool.
Value(s): true false
Example:
Default: false
federated.ldap.connectTimeout
The connection timeout measured in seconds.
Value(s): numeric
Example:
Default: 0
federated.ldap.primaryServerQueryTimeInterval
Indicates the polling interval for testing the primary server availability. The value of this parameter is specified in minutes.
Value(s): numeric
Example:
Default: 15
federated.ldap.returnToPrimaryServer
Indicates to return to the primary LDAP server when it is available.
Value(s): true false
Example:
Default: true
federated.ldap.searchPageSize
Value of search page size. This is the number of entries per page.
Value(s): numeric
Example:
Default: 50
federated.ldap.searchCountLimit
Value of the search count limit.
Value(s): numeric
Example:
Default: 500
federated.ldap.searchTimeLimit
Value of the search time limit measured in milliseconds.
Value(s): numeric
Example:
Default: 120000
federated.ldap.translateRDN
Indicates to translate RDN or not. The default value is false.
Value(s): true false
Example:
Default: false
federated.ldap.cp.maxPoolSize
The maximum number of context instances that can be maintained concurrently by the context pool.
Value(s): numeric
Example:
Default: 20
Database modification tasks of Virtual Member Manager need a connection to a running server instance. Check that your server is running before executing these tasks.
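The federated.ldap.* entries above list the allowed values and defaults, and with the defaults (federated.ldap.sslEnabled=false, federated.ldap.authentication=simple) the bind DN and password travel to the LDAP server unencrypted. The following added example, not IBM code, validates a file against those listed values and flags that combination; the two sample files, the port value 636 and the function names are constructed for illustration.

```python
import re

# Allowed values exactly as listed in the reference entries above.
ALLOWED = {
    "federated.ldap.sslEnabled": {"true", "false"},
    "federated.ldap.authentication": {"none", "strong", "simple"},
    "federated.ldap.referral": {"ignore", "follow", "throw", "false"},
    "federated.ldap.derefAliases": {"always", "never", "finding", "searching"},
    "federated.ldap.certificateMapMode": {"EXACT_DN", "CERTIFICATE_FILTER"},
    "federated.ldap.gm.scope": {"direct", "nested"},
    "federated.ldap.gc.scope": {"direct", "nested", "all"},
}
SERVER_TYPES = {
    "6.0": ("SECUREWAY IDS4 IDS51 IDS52 IDS6 ZOSDS DOMINO5 DOMINO6 DOMINO65 "
            "DOMINO7 NDS SUNONE AD2000 AD2003 ADAM CUSTOM").split(),
    "7.0": "IDS ZOSDS DOMINO NDS SUNONE AD ADAM CUSTOM".split(),
}
# Defaults stated in the reference, used when a key is absent from the file.
DEFAULTS = {"sslEnabled": "false", "authentication": "simple",
            "certificateMapMode": "EXACT_DN", "port": "389"}
# Filter syntax from the reference: LDAP attribute=$Client certificate attribute
FILTER_RE = re.compile(r"^[^=\s]+=\$\S+$")

# Constructed samples (not real configurations).
WEAK_SAMPLE = """
federated.ldap.id=corpldap
federated.ldap.host=ldap.yourco.com
federated.ldap.bindDN=cn=wpsbind,cn=users,dc=yourco,dc=com
federated.ldap.bindPassword=constructed-placeholder
federated.ldap.ldapServerType=AD2003
federated.ldap.derefAliases=sometimes
federated.ldap.certificateMapMode=CERTIFICATE_FILTER
"""
HARDENED_SAMPLE = """
federated.ldap.id=corpldap
federated.ldap.host=ldap.yourco.com
federated.ldap.port=636
federated.ldap.sslEnabled=true
federated.ldap.authentication=simple
federated.ldap.bindDN=cn=wpsbind,cn=users,dc=yourco,dc=com
federated.ldap.bindPassword=constructed-placeholder
federated.ldap.ldapServerType=AD
federated.ldap.derefAliases=never
federated.ldap.certificateMapMode=CERTIFICATE_FILTER
federated.ldap.certificateFilter=uid=$SubjectCN
"""


def load(text):
    """Minimal key=value reader; '#' lines are comments."""
    pairs = (l.split("=", 1) for l in text.splitlines()
             if "=" in l and not l.lstrip().startswith("#"))
    return {k.strip(): v.strip() for k, v in pairs}


def audit(props, was_version="7.0"):
    """Return (code, key, message) findings for the federated.ldap.* settings."""
    def get(name):
        return props.get("federated.ldap." + name, DEFAULTS.get(name, ""))

    findings = []
    for key, allowed in ALLOWED.items():
        if key in props and props[key] not in allowed:
            findings.append(("bad-value", key,
                             f"{props[key]!r} is not one of {sorted(allowed)}"))
    stype = get("ldapServerType")
    if stype and stype not in SERVER_TYPES[was_version]:
        findings.append(("server-type", "federated.ldap.ldapServerType",
                         f"{stype!r} is not listed for WAS {was_version}"))
    if get("sslEnabled") != "true" and get("authentication") == "simple" and get("bindDN"):
        findings.append(("cleartext-bind", "federated.ldap.sslEnabled",
                         "simple bind without SSL sends bindDN and bindPassword unencrypted"))
    if get("sslEnabled") == "true" and get("port") == "389":
        findings.append(("ssl-on-389", "federated.ldap.port",
                         "SSL is enabled but the port is still the default 389; confirm the server's SSL port"))
    if get("certificateMapMode") == "CERTIFICATE_FILTER" and not FILTER_RE.match(get("certificateFilter")):
        findings.append(("cert-filter", "federated.ldap.certificateFilter",
                         "CERTIFICATE_FILTER needs a filter of the form attribute=$CertAttribute"))
    return findings


if __name__ == "__main__":
    for label, sample in (("weak", WEAK_SAMPLE), ("hardened", HARDENED_SAMPLE)):
        print(label)
        for code, key, message in audit(load(sample)):
            print(f"  [{code}] {key}: {message}")
```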
federated.db.DataSourceName
JNDI name of the data source used to access the federated database domain.
Value(s):
Example:
Default: vmmfeddbDS
federated.db.DbType
The type of database to be used for the VMM Federated database domain. For information about supported values, check the wkplc_comp.properties file.
Value(s): Valid values include the following:
db2
oracle
sqlserver
db2_zos
db2_iseries
Example:
Default: db2
federated.db.DbUrl
Federated domain database URL. For information about supported values, check the wkplc_comp.properties file.
Value(s):
Example:
Default: jdbc:db2:vmmfeddb
federated.db.DbName
Name of the VMM Federated database. This value should also appear as the database element in DbUrl. Please verify that you point to the same database.
Value(s): The TCPIP alias for the database
Example:
Default: vmmfeddb
federated.db.id
ID specifies a unique identifier for the repository within the cell. Characters that are not allowed in normal XML strings ( & < > " ' ) cannot be used in the repository ID.
Value(s):
Example:
Default: vmmDb
federated.db.baseDN
Database base entry. This is the start point where all DB entities will be stored under. Verify the uniqueness of this string.
Value(s): string
Example:
Default: none
federated.db.DbUser
The database administrator user ID.
Value(s): Alphanumeric text string
Example:
Default: db2admin
federated.db.DbPassword
Database administrator password.
Value(s):
Example:
Default: none
federated.db.JdbcProviderName
The name of the JDBC provider to be used. Keep la.JdbcProviderName in sync for the same database type; la.JdbcProviderName and federated.db.JdbcProviderName must be different for different database types.
Value(s):
Example:
Default: vmmdbJDBC
federated.db.DbSchema
The VMM Federated domain database schema name. Follow the documentation of the target database management system in order to define a valid schema name as restrictions apply for some database management systems.
Value(s):
Example:
Default: federate
federated.db.DbNameOnZos
Required for DB2 for z/OS and OS/390 only. If running db2_zos as remote database, the name of the remote VMM federated database. If portal is running on z/OS with db2_zos, must be set equal to DbName.
Value(s): Alphanumeric text string
Example:
Default: WPSTST02
federated.db.XDbName
TCPIP Alias for the database. This property is only required for non-Windows platforms when using DB2 with Type 2 drivers. For Type 4 drivers, this value is not used. It defines the federated database alias that needs to be set if you want to call create-database JDBC driver. The database loop back alias that needs to be set if you plan to use the create-local-database-db2 task. The value must be different from the value of dbdomain.DbName. The values for dbdomain.DbName and dbdomain.XDbName must be different in the wpconfig_dbdomain.properties file. For DB2® Content Manager Runtime Edition, this property is the database for tables.
Value(s): Alphanumeric text string
Example:
The following example is for Release, Community, Customization, WMM, and the JCR: federated.db.XDbName=wps6TCP
The following example is for Feedback: federated.db.XDbName=fdbk6TCP
The following example is for LikeMinds: federated.db.XDbName=lmdb6TCP
Default: wps6TCP
federated.db.DbNode
Required for Non-Windows platforms when using DB2 only. This value is the node for the VMM federated domain database and needs to be set if you want to call create-database
Value(s): Alphanumeric text string
Example: The following example is for Release, Community, Customization, JCR, and VMM databases: federated.db.DbNode=wpsNode
The following example is for Feedback and LikeMinds databases: federated.db.DbNode=pznNode
Default: wpsNode
federated.db.DbStorageGroup
Required for DB2 for z/OS and OS/390 only. The storage group for the VMM federated database.
Value(s):
Example:
Default: WPSSG
federated.db.DbVolumes
Required for DB2 for z/OS and OS/390 only. The volumes for the VMM federated database.
Value(s):
Example:
Default: *
federated.db.DbVcat
Required for DB2 for z/OS and OS/390 only. The VCAT for the VMM federated database.
Value(s):
Example:
Default: DSN810
federated.db.Db4KBufferPoolName
Required for DB2 for z/OS and OS/390 only. The 4K bufferpool name for the VMM federated database.
Value(s):
Example:
Default: BP0
federated.db.Db32KBufferPoolName
Required for DB2 for z/OS and OS/390 only. The 32K bufferpool name for the VMM federated database.
Value(s):
Example:
Default: BP32K
Setting up database tables
federated.db.reportSqlError
Whether to report SQL errors while setting up databases.
Value(s): true false
Example:
Default: true
federated.db.saltLength
The length of the salt which is used when hashing passwords stored in the Member Manager database repository.
Value(s): numeric
Example:
Default: 12
federated.db.encryption
Value(s):
Example:
Default: rZ15ws0ely9yHk3zCs3sTMv/ho8fY17s
federated.db.adapterClassName
The implementation class name for the repository adapter.
Value(s):
Example:
Default: com.ibm.ws.wim.adapter.db.DBAdapter
federated.db.supportSorting
Indicates if sorting is supported or not.
Value(s): true false
Example:
Default: false
federated.db.supportTransactions
Indicates if transactions are supported or not.
Value(s): true false
Example:
Default: false
federated.db.isExtIdUnique
Specifies if the external ID is unique.
Value(s): true false
Example:
Default: true
federated.db.supportExternalName
Indicates if external names are supported or not.
Value(s): true false
Example:
Default: false
federated.db.entityRetrievalLimit
Maximum number of entities that the system can retrieve from the database with a single database query.
Value(s): numeric
Example:
Default: 50
Federated Custom User Registry Properties
federated.cur.id
The id specifies a unique identifier for the repository within the cell. Characters that are not allowed in normal XML strings ( & < > " ' ) cannot be used in the repository ID.
Value(s): string
Example:
Default: none
federated.cur.adapterClassName
The implementation class name for the repository adapter.
Value(s):
Example:
Default: true none
federated.cur.baseDN
The CUR base entry.
Value(s):
Example:
Default: none
federated.cur.isExtIdUnique
Specifies if the external ID is unique.
Value(s): true false
Example:
Default: true
federated.cur.supportExternalName
Indicates if external names are supported or not.
Value(s): true false
Example:
Default: false
federated.cur.supportPaging
Indicates if paging is supported or not.
Value(s): true false
Example:
Default: false
federated.cur.supportSorting
Indicates if sorting is supported or not.
Value(s): true false
Example:
Default: false
federated.cur.supportTransactions
Indicates if transactions are supported or not.
Value(s): true false
Example:
Default: false
cur.id
The ID of the repository, where the custom property will be created.
Value(s):
Example:
Default: none
cur.name
The name of the custom property.
Value(s):
Example:
Default: none
cur.value
The value of the custom property.
Value(s):
Example:
Default: none
federated.primaryAdminId
The ID of the WAS administrative user. The ID must exist in a user repository.
Value(s):
Example:
IBM Directory Server: federated.primaryAdminId=uid=<portaladminid>,cn=users,dc=yourco,dc=com
Domino: federated.primaryAdminId=cn=<portaladminid>,o=yourco.com
Active Directory: federated.primaryAdminId=cn=<portaladminid>,cn=users,dc=yourco,dc=com
SunOne: federated.primaryAdminId=uid=<portaladminid>,ou=people,o=yourco.com
Novell eDirectory: federated.primaryAdminId=uid=<portaladminid>,ou=people,o=yourco.com
Default: xyzadmin
federated.realm
The realm name to be used. The existing default realm will be renamed.
Value(s):
Example:
Default: none
federated.serverId
federated.serverPassword
Specifies a user ID and password in the repository used for internal process communication.
Value(s):
Example: Examples are provided for LDAP:
IBM Directory Server: federated.serverId=uid=<serveruserid>,cn=users,dc=yourco,dc=com
Domino: federated.serverId=cn=<serveruserid>,o=yourco.com
Active Directory: federated.serverId=cn=<serveruserid>,cn=users,dc=yourco,dc=com
Active Directory AM: federated.serverId=cn=<serveruserid>,cn=users,dc=yourco,dc=com
SunOne: federated.serverId=uid=<serveruserid>,ou=people,o=yourco.com
Novell eDirectory: federated.serverId=uid=<serveruserid>,ou=people,o=yourco.com
Default: none
Advanced Properties
federated.registryClassName
The registry class name.
Value(s):
Example:
Default: com.ibm.ws.wim.registry.WIMUserRegistry
federated.ignoreCase
Whether the query matches case sensitivity. If this is set to false, WAS security will compare DN's case sensitive.
Value(s): true false
Example:
Default: true
LDAP attribute configuration
federated.ldap.attributes.nonSupported
Comma separated list of attributes that will be added/removed from the list of nonsupported attributes
Value(s):
Example:
Default: none
federated.ldap.attributes.nonSupported.delete
If true, then the attributes in federated.ldap.nonSupported will be deleted from the list of nonsupported attributes, else they will be added.
Value(s):
Example:
Default: none
Use the following properties to add an attribute mapping between the Portal attribute name and the LDAP attribute name:
federated.ldap.attributes.mapping.ldapName
The name of the attribute in LDAP
Value(s):
Example:
Default: none
federated.ldap.attributes.mapping.portalName
The name of the attribute in portal
Value(s):
Example:
Default: none
federated.ldap.attributes.mapping.entityTypes
List of entityTypes the mapping should be applied to.
Value(s):
Example:
Default: PersonAccount,Group
VMM Delete federated repository properties
federated.delete.baseentry
The name of the base entry to be deleted from the default realm. If the base entry exists in other realms, it has to be deleted manually first. Leave this empty only if you want to delete the property extension repository.
Value(s):
Example:
Default: none
federated.delete.id
The ID of the repository to be deleted from the VMM configuration. This parameter must be set to LA if you want to delete the property extension repository.
Value(s):
Example:
Default: none
Stand alone Security Properties
Setting up an LDAP
standalone.ldap.id
The id specifies a unique identifier for the repository within the cell. Characters that are not allowed in normal XML strings ( & < > " ' ) cannot be used in the repository ID.
Value(s): string
Example:
Default: none
standalone.ldap.host
Host name of the primary LDAP server. This host name is either an IP address or a domain name service (DNS) name.
Value(s):
Example:
Default: none
standalone.ldap.port
LDAP server port.
Value(s):
Example:
Default: none
standalone.ldap.bindDN
Distinguished name for the appserver to use when binding to the LDAP repository.
Value(s):
Example:
Default: none
standalone.ldap.bindPassword
Password for the appserver to use when binding to the LDAP repository.
Value(s):
Example:
Default: none
standalone.ldap.ldapServerType
Type of LDAP server to which you connect
Value(s):
For WAS 6.1, it must be one of the following:
SECUREWAY,IDS4,IDS51,IDS52,IDS6,ZOSDS,DOMINO5,DOMINO6,DOMINO65,DOMINO7,NDS,SUNONE,AD2000,AD2003,ADAM,CUSTOM
For ActiveDirectory 2008 use AD2003
For WAS 7.0, it must be one of the following: IDS, ZOSDS, DOMINO, NDS, SUNONE, AD, ADAM, CUSTOM
Example:
Default: none
standalone.ldap.userIdMap
LDAP filter that maps the short name of a user to an LDAP entry. This value is not used during node federation to DMGR with WAS LDAP security enabled.
Value(s): This value can be multiple objectclass:property pairs delimited by a semicolon (;).
Example: The following example displays entries of the object class = inetOrgPerson type by their IDs: standalone.ldap.userIdMap=inetOrgPerson:uid
Default: none
standalone.ldap.groupIdMap
LDAP filter that maps the short name of a group to an LDAP entry. Specifies the piece of information that represents groups when groups display. Use the asterisk (*) as a wildcard character that searches on any object class in this case. This value is not used during node federation to DMGR with WAS LDAP security enabled.
Value(s): This value can be multiple objectclass:property pairs, delimited by a semicolon (;).
Example: The following example displays groups by their names: standalone.ldap.groupIdMap=*:cn
Default: none
standalone.ldap.groupMemberIdMap
LDAP filter that identifies user-to-group relationships. Specifies which property of an objectclass stores the list of members belonging to the group represented by the objectclass. This value is not used during node federation to DMGR with WAS LDAP security enabled.
Value(s): For SecureWay and Domino, this value can be multiple objectclass:property pairs, delimited by a semicolon (;).
For IBM Directory Server, Sun ONE, and Active Directory, this value can be multiple group attribute:member attribute pairs delimited by a semicolon (;).
Example:
Default: none
standalone.ldap.userFilter
LDAP user filter that searches the user registry for users. This value is not used during node federation to DMGR with WAS LDAP security enabled.
Value(s):
Example: The following example would be used to look up users based on their user IDs: standalone.ldap.userFilter=(&(uid=%v)(objectclass=inetOrgPerson))
Default: none
standalone.ldap.groupFilter
LDAP group filter that searches the user registry for groups. This value is not used during node federation to DMGR with WAS LDAP security enabled.
Value(s):
Example:
Default: none
standalone.ldap.serverId
standalone.ldap.serverPassword
Specifies a user ID and password in the repository used for internal process communication. This value is not used during node federation to DMGR with WAS LDAP security enabled.
Value(s):
Example:
Default: none
standalone.ldap.realm
The security context of this server. A realm with this name will be created.
Value(s):
Example:
Default: none
standalone.ldap.primaryAdminId
standalone.ldap.primaryAdminPassword
The ID and password of the WAS administrative user. The ID must exist in the LDAP server.
Value(s):
Example:
Default: none
standalone.ldap.primaryPortalAdminId
standalone.ldap.primaryPortalAdminPassword
The ID of the WebSphere Portal administrative user. The ID must exist in the LDAP server.
Value(s):
Example:
Default: none
standalone.ldap.primaryPortalAdminGroup
The user group with administrative permission in portal. The group must exist in the LDAP server.
Value(s):
Example:
Default: none
standalone.ldap.baseDN
The LDAP base entry. This is the start point for all LDAP searches of WAS security.
Value(s):
Example:
Default: none
Entity type Group
standalone.ldap.et.group.searchFilter
The search filter that you want to use to search the entity type. VMM uses this filter as an addition during search requests in your environment. This value can be left blank. If you leave the value blank, no additional filter is applied and the other VMM configuration is used.
Value(s): The syntax is like a standard LDAP search filter.
Example: standalone.ldap.et.group.searchFilter=(objectclass=groupOfUniqueNames)
Default: none
standalone.ldap.et.group.objectClasses
One or more object classes (separated by ';') for the group entity type.
Value(s): One or more object classes (separated by ';')
Example:
Default: groupOfUniqueNames
standalone.ldap.et.group.objectClassesForCreate
The object classes separated by a semi-colon (;) to use when an entity type is created. If the value of this parameter is the same as the objectClass parameter, you do not need to specify this parameter.
Value(s):
Example:
Default: none
standalone.ldap.et.group.searchBases
The search base or bases to use while searching the entity type.
Value(s):
Example:
Default: none
standalone.ldap.et.personaccount.searchFilter
The search filter that you want to use to search the entity type. VMM uses this filter as an addition during search requests in your environment. This value can be left blank.
Value(s): The syntax is like a standard LDAP search filter.
Example: standalone.ldap.et.personaccount.searchFilter=(objectclass=inetorgperson)
Default: none
standalone.ldap.et.personaccount.objectClasses
This value should match the objectclass used in your LDAP for type User.
Value(s): One or more object classes, separated by a semi-colon (;) for the entity type.
Example:
Default: inetorgperson
standalone.ldap.et.personaccount.objectClassesForCreate
The object classes, separated by a semi-colon (;), to use when an entity type is created. If the value of this parameter is the same as the objectClass parameter, you do not need to specify this parameter.
Value(s):
Example:
Default: none
standalone.ldap.et.personaccount.searchBases
The search base or bases to use while searching the entity type.
Value(s):
Example:
Default: none
standalone.ldap.gm.groupMemberName
The name of the LDAP attribute used as the group member attribute.
Value(s):
Example:
Default: uniqueMember
standalone.ldap.gm.objectClass
The group object class that contains the member attribute. If not defined, the member attribute applies to all group object classes.
Value(s):
Example:
standalone.ldap.gm.objectClass=groupOfUniqueNames
standalone.ldap.gm.objectClass=groupNames
Default: groupOfUniqueNames
standalone.ldap.gm.scope
The scope of the member attribute.
Value(s): Valid values include:
direct - Contains direct members.
nested - Contains direct members and nested members.
Example:
Default: direct
standalone.ldap.gm.dummyMember
If you create a group without specifying a member, a dummy member will be filled in to avoid creating an exception about missing a mandatory attribute. With Active Directory, Sun One and Novell eDirectory the value has to be empty or point to an existing entry in the LDAP directory
Value(s):
Example:
Default: uid=dummy
standalone.ldap.personAccountParent
The default parent to be set for the entity type PersonAccount
Value(s):
Example:
Default: none
standalone.ldap.groupParent
The default parent to be set for the entity type Group
Value(s):
Example:
Default: none
standalone.ldap.personAccountRdnProperties
The RDN attribute name for the entity type PersonAccount. To reset all the values of the rdnProperties parameter, specify a blank string ("").
Value(s): string
Example:
Default: uid
standalone.ldap.groupRdnProperties
The RDN attribute name for the entity type Group. To reset all the values of the rdnProperties parameter, specify a blank string ("").
Value(s): string
Example:
Default: cn
Advanced Properties for Group configuration
standalone.ldap.gc.name
The name of the membership attribute.
Value(s):
Example:
Active Directory: standalone.ldap.gc.name=memberOf
IBM Directory Server: standalone.ldap.gc.name=ibm-allGroups
Default: none
standalone.ldap.gc.updateGroupMembership
Updates the group membership if the member is deleted or renamed. Some LDAP servers, for example, Domino server, do not clean up the membership of the user when a user is deleted or renamed. If you choose these LDAP server types in the ldapServerType property, the value of this parameter is set to true. Use this parameter to change the value. The default value is false.
Value(s): true false
Example:
Default: false
standalone.ldap.gc.scope
The scope of the membership attribute.
Value(s): Valid values include:
direct - Contains direct groups.
nested - Contains direct and nested groups.
all - Contains direct groups, nested groups, and dynamic members.
Example:
Default: direct
standalone.ldap.derefAliases
Controls how aliases are dereferenced.
Value(s): Valid values include:
always - always dereference aliases
never - never dereference aliases
finding - dereference aliases only during name resolution
searching - dereference aliases only after name resolution
Example:
Default: always
standalone.ldap.authentication
Indicates the authentication method to use.
Value(s): Valid values include:
none - Use no authentication (anonymous)
simple - Use weak authentication (clear text password)
strong - Use a token based authentication mechanism
Example:
Default: simple
standalone.ldap.referral
The LDAP referral.
Value(s): Valid values include:
follow - JNDI will automatically follow the referral link (to a different server)
ignore - JNDI will ignore the referral link
throw - A referral link will be seen as an error condition and an exception will be thrown by the underlying system
Example:
Default: ignore
standalone.ldap.delimiter
Delimiter used for this realm.
Value(s): Enter any value but do not leave this field blank.
Example:
Default: /
standalone.ldap.ignoreCase
Whether the query matches case sensitivity. This value is not used during node federation to DMGR with WAS when LDAP security is enabled.
Value(s): true false
Example:
Default: true
standalone.ldap.sslEnabled
Whether secure socket communication is enabled to the LDAP server. When set to true, the SSL settings for the LDAP server are used.
Value(s): true false
Example:
Default: false
standalone.ldap.sslConfiguration
Name of the appserver SSL configuration to be used for SSL enabled LDAP server. This property is used to specify a non default SSL configuration if standalone.ldap.sslEnabled=true is set
Value(s):
Example: MySSLSettings
Default: none
standalone.ldap.certificateMapMode
Whether to map X.509 certificates into a LDAP directory by exact distinguished name or certificate filter. Specify the certificate filter to use the specified filter for the mapping, if client certificate authentication is used for portal server.
Value(s): Valid values include: EXACT_DN, CERTIFICATE_FILTER
Example:
Default: EXACT_DN
standalone.ldap.certificateFilter
Filter certificate mapping property for the LDAP filter, if client certificate authentication is used for portal server. The filter is used to map attributes in the client certificate to entries within the LDAP repository.
Value(s):
Example:
Default: none
standalone.ldap.reuseConnection
Should be set to true by default to reuse the LDAP connection. This value is not used during node federation to DMGR with WAS when LDAP security is enabled.
Value(s): true false
Example:
Default: true
standalone.ldap.searchTimeLimit
Timeout value in milliseconds for an LDAP server to respond before aborting a request.
Value(s): numeric
Example: none available
Default: 120000
standalone.ldap.connectionPool
Defines if VMM will enable the ConnectionPool
Value(s): true false
Example:
Default: false
standalone.ldap.supportSorting
Indicates if sorting is supported or not.
Value(s): true false
Example:
Default: false
standalone.ldap.supportPaging
Indicates if paging is supported or not.
Value(s): true false
Example:
Default: false
standalone.ldap.supportTransactions
Indicates if transactions are supported or not.
Value(s): true false
Example:
Default: false
standalone.ldap.isExtIdUnique
Specifies if the external ID is unique.
Value(s): true false
Example:
Default: true
standalone.ldap.supportExternalName
Indicates if external names are supported or not.
Value(s): true false
Example:
Default: false
standalone.ldap.translateRDN
Indicates to translate RDN or not.
Value(s): true false
Example:
Default: false
standalone.ldap.searchCountLimit
The value of the search count limit.
Value(s): numeric
Example:
Default: 500
standalone.ldap.searchPageSize
The value of search page size.
Value(s): numeric
Example:
Default: none
standalone.ldap.returnToPrimaryServer
Indicates to return to the primary LDAP server when it is available.
Value(s): true false
Example:
Default: true
standalone.ldap.primaryServerQueryTimeInterval
Indicates the polling interval for testing the primary server availability. The value of this parameter is specified in minutes.
Value(s): numeric
Example:
Default: 15
standalone.ldap.loginProperties
Indicates the property name used for login.
Value(s):
Example:
Default: uid
standalone.ldap.cp.maxPoolSize
The maximum number of context instances that can be maintained concurrently by the context pool.
Value(s): numeric
Example:
Default: 20
LDAP attribute configuration
standalone.ldap.attributes.nonSupported
Comma separated list of attributes that will be added/removed from the list of attributes that are not supported.
Value(s):
Example:
Default: none
standalone.ldap.attributes.nonSupported.delete
If the value is true, the attributes in federated.ldap.nonSupported will be deleted from the list of attributes that are not supported. If the value is set to false, the attributes will be added to the list of attributes that are not supported.
Value(s): true false
Example:
Default: none
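As an added example (not IBM tooling and not code from this reference), the following Python script parses a wkplc.properties-style file and checks the stand-alone LDAP values documented above: the enumerated values of authentication, referral, derefAliases and certificateMapMode, simple authentication while sslEnabled is left at false, and password properties that still hold a value in the file. The finding codes, the constructed sample input and the rule that an unset or empty property falls back to the documented default are assumptions of this example.

```python
# Added example: audit of the standalone.ldap.* settings in a properties file.
# Allowed values and defaults are the ones listed in this reference.
ALLOWED = {
    "authentication": {"none", "simple", "strong"},
    "referral": {"follow", "ignore", "throw"},
    "derefAliases": {"always", "never", "finding", "searching"},
    "certificateMapMode": {"EXACT_DN", "CERTIFICATE_FILTER"},
    "sslEnabled": {"true", "false"},
}
DEFAULTS = {
    "authentication": "simple",
    "referral": "ignore",
    "derefAliases": "always",
    "certificateMapMode": "EXACT_DN",
    "sslEnabled": "false",
}
PREFIX = "standalone.ldap."


def parse_properties(text):
    """Parse key=value lines. Split on the first '=' only, because DN values
    such as uid=wpsbind,cn=users,dc=yourco,dc=com contain '=' themselves."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":  # blank line or comment
            continue
        key, sep, value = line.partition("=")
        if sep:
            props[key.strip()] = value.strip()
    return props


def audit(props):
    """Return a sorted list of (code, property, message) findings.
    Messages never contain property values, so secrets are not echoed."""
    findings = []
    # Assumption: an unset or empty property means the documented default.
    eff = {name: props.get(PREFIX + name) or default
           for name, default in DEFAULTS.items()}

    for name, allowed in ALLOWED.items():
        if eff[name] not in allowed:
            findings.append(("INVALID_VALUE", PREFIX + name,
                             "expected one of " + ", ".join(sorted(allowed))))

    if eff["authentication"] == "none":
        findings.append(("ANONYMOUS_BIND", PREFIX + "authentication",
                         "no authentication (anonymous) is configured"))
    if eff["authentication"] == "simple" and eff["sslEnabled"] != "true":
        findings.append(("CLEARTEXT_BIND", PREFIX + "sslEnabled",
                         "simple authentication sends a clear text password "
                         "and SSL to the LDAP server is not enabled"))
    if eff["referral"] == "follow":
        findings.append(("REFERRAL_FOLLOW", PREFIX + "referral",
                         "JNDI will follow referral links to a different server"))
    if (eff["certificateMapMode"] == "CERTIFICATE_FILTER"
            and not props.get(PREFIX + "certificateFilter")):
        findings.append(("MISSING_CERT_FILTER", PREFIX + "certificateFilter",
                         "CERTIFICATE_FILTER is selected but no filter is set"))

    for key, value in props.items():
        if key.endswith("Password") and value:
            findings.append(("PASSWORD_IN_FILE", key,
                             "a password value is present in the file"))
    return sorted(findings)


# Constructed sample input, not taken from a real installation.
SAMPLE = """\
# stand-alone LDAP security
standalone.ldap.host=ldap.example.com
standalone.ldap.port=389
standalone.ldap.bindDN=uid=wpsbind,cn=users,dc=yourco,dc=com
standalone.ldap.bindPassword=example-only
standalone.ldap.authentication=simple
standalone.ldap.referral=follow
standalone.ldap.derefAliases=sometimes
standalone.ldap.certificateMapMode=CERTIFICATE_FILTER
"""

# The same constructed file with the flagged settings corrected.
HARDENED = """\
standalone.ldap.host=ldap.example.com
standalone.ldap.port=636
standalone.ldap.bindDN=uid=wpsbind,cn=users,dc=yourco,dc=com
standalone.ldap.bindPassword=
standalone.ldap.authentication=simple
standalone.ldap.sslEnabled=true
standalone.ldap.sslConfiguration=MySSLSettings
standalone.ldap.referral=ignore
"""

if __name__ == "__main__":
    for code, prop, message in audit(parse_properties(SAMPLE)):
        print(f"{code:20} {prop:40} {message}")
```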
Use the following properties to add an attribute mapping between the Portal attribute name and the LDAP attribute name:
standalone.ldap.attributes.mapping.ldapName
The name of the attribute in LDAP
Value(s):
Example:
Default: none
standalone.ldap.attributes.mapping.portalName
The name of the attribute in portal
Value(s):
Example: none available
Default: none
standalone.ldap.attributes.mapping.entityTypes
A comma separated list of entityTypes that the mapping should be applied to.
Value(s):
Example:
Default: PersonAccount,Group
Stand alone Custom User Registry configuration
standalone.cur.id
The id specifies a unique identifier for the repository within the cell. Characters that are not allowed in normal XML strings ( & < > " ' ) cannot be used in the repository ID.
Value(s): string
Example:
Default: testCur
standalone.cur.baseDN
The custom user registry base entry.
Value(s):
Example:
Default: none
standalone.cur.realm
The security context of this server.
Value(s):
Example:
Default: none
standalone.cur.delimiter
Delimiter used for this realm.
Value(s):
Example:
Default: /
standalone.cur.adapterClassName
The implementation class name for the VMM repository adapter.
Value(s):
Example:
Default: none
standalone.cur.WasAdapterClassName
The implementation class name for the WebSphere custom user registry adapter.
Value(s):
Example:
Default: none
standalone.cur.propertyName
standalone.cur.propertyValue
A custom property name-value pair. A custom property will only be added if the standalone.cur.propertyName is defined.
Value(s):
Example:
Default: none
standalone.cur.primaryAdminId
standalone.cur.primaryAdminPassword
The ID and password of the WAS administrative user. The ID must exist in the custom user registry.
Value(s):
Example:
Default: no defaults
standalone.cur.primaryPortalAdminId
standalone.cur.primaryPortalAdminPassword
The user ID and password of the portal administrative user. The ID must exist in the custom user registry.
Value(s):
Example:
Default: no defaults
standalone.cur.primaryPortalAdminGroup
The ID of the portal administrative user group. The group must exist in the custom user registry.
Value(s):
Example:
Default: none
standalone.cur.personAccountParent
standalone.cur.groupParent
The default parents to be set for the entity types PersonAccount and Group
Value(s):
Example:
Default: none
standalone.cur.personAccountRdnProperties
The RDN attribute name for the entity type PersonAccount. To reset all the values of the rdnProperties parameter, specify a blank string ("").
Value(s): string
Example:
Default: uid
standalone.cur.groupRdnProperties
The RDN attribute name for the entity type Group. To reset all the values of the rdnProperties parameter, specify a blank string ("").
Value(s): string
Example:
Default: cn
standalone.cur.isExtIdUnique
Specifies if the external ID is unique.
Value(s): true false
Example:
Default: true
standalone.cur.supportExternalName
Indicates if external names are supported or not.
Value(s): true false
Example:
Default: false
standalone.cur.supportPaging
Indicates if paging is supported or not.
Value(s): true false
Example:
Default: false
standalone.cur.supportSorting
Indicates if sorting is supported or not.
Value(s): true false
Example:
Default: false
standalone.cur.supportTransactions
Indicates if transactions are supported or not.
Value(s): true false
Example:
Default: false
VMM Property Extension Properties
la.JdbcProviderName
The name of JDBC provider portal uses to communicate with its databases. To keep federated.db.JdbcProviderName in sync for the same database type, la.JdbcProviderName and federated.db.JdbcProviderName must be different for different database types
Value(s): Alphanumeric text string
Example:
Default: vmmdbJDBC
la.DbType
The type of database to be used for VMM property extension database domain.
Value(s): Valid values include the following:
db2
oracle
sqlserver
sqlserver2005
db2_iseries
db2_zos
Example:
Default: db2
la.DbUrl
The VMM property extension database domain URL.
Value(s): Valid values include:
Example:
Default: jdbc:db2:vmmladb
la.DbName
The name of the VMM property extension database. This value should also appear as the database element in DbUrl. Verify that you point to the same database. For non-Windows platforms when using DB2, this value is the TCPIP Alias for the database. For DB2 and DB2 for z/OS, this value cannot exceed 8 characters and can only contain letters and numbers. Refer to your database documentation for more information. For DB2, this value must be different from the value of dbdomain.XDbName.
If you change the name of the WebSphere Portal data source due to a database migration, manually update this property in the portal_server_root/config/wpconfig_dbdomain.properties file to maintain the proper resource reference mapping.
Value(s): Alphanumeric text string
Example: Recommended value for all domains:
- Release: release
- Community: comm
- Customization: cust
- JCR: jcrdb
- VMM: vmmdb
- Feedback: fdbkdb
- LikeMinds: lmdb
Default: vmmladb
la.DataSourceName
The name of datasource to be used for VMM Federated DB domain
Value(s): Alphanumeric text string
Example:
Default: vmmladbDS
la.DbUser
The database administrator user ID. This value is specific to DB2.
Value(s): Alphanumeric text string
Example:
Default: db2admin
la.DbPassword
The database administrator password
Value(s): Alphanumeric text string
Example:
Default: no default
Advanced Properties
la.DbSchema
The VMM property extension database domain database schema name. Follow the documentation of the target database management system in order to define a valid schema name as restrictions apply for some database management systems.
Value(s):
Example:
Default: federate
la.DbNameOnZos
Required for DB2 for z/OS and OS/390 only. If you are running DB2 for z/OS as remote database, this value is the name of the remote VMM property extension database. If portal is running on z/OS and db2 for z/OS is on the same server, this value must be set equal to DbName value.
Value(s):
Example:
Default: WPSTST02
la.XDbName
Required for Non-Windows platforms when using DB2 locally (on the same server) and DB2 is using the Type 2 JDBC driver. The VMM property extension database alias that needs to be set if you want to use the create-database task.
Value(s):
Example:
Default: wps6TCP
la.DbNode
Required for Non-Windows platforms when using DB2 only. This value is the node for the VMM property extension domain database and needs to be set if you want to use the create-database task.
Value(s):
Example:
Default: wpsNode
la.DbStorageGroup
Required for DB2 for z/OS and OS/390 only. The storage group for the VMM property extension database for the Web Content Management JCR.
Value(s):
Example:
Default: WPSSG
la.DbVolumes
Required for DB2 for z/OS and OS/390 only. The volumes for the VMM lookaside database
Value(s):
Example:
Default: *
la.DbVcat
Required for DB2 for z/OS and OS/390 only. The VCAT for the VMM property extension database.
Value(s):
Example:
Default: DSN810
la.Db4KBufferPoolName
Required for DB2 for z/OS and OS/390 only. The 4K bufferpool name for the VMM property extension database
Value(s):
Example:
Default: BP0
la.Db32KBufferPoolName
Required for DB2 for z/OS and OS/390 only. The 32K bufferpool name for the VMM property extension database
Value(s):
Example:
Default: BP32K
Create property extension tables
la.reportSqlError
Whether to report SQL errors while setting up databases.
Value(s): true false
Example:
Default: true
la.entityRetrievalLimit
Maximum number of entities that the system can retrieve from the database with a single database query.
Value(s): numeric
Example:
Default: 50
la.providerURL
Provider URL. This defines the remote endpoint where the portal server or Deployment Manager installation is available. Check the value for localhost:port. The port should point to the bootstrap port of WebSphere_Portal or Deployment Manager. Deployment Manager is used in a cluster environment.
Value(s):
Example: corbaloc:iiop:dmgr.example.com:9809
Default: corbaloc:iiop:localhost:10031
la.propertyName
Name of the property to be added.
Value(s): Alphanumeric text string
Example: email, dept
Default: none
la.entityTypes
A list of entity types that the new property is applicable to
Value(s): Valid values include:
PersonAccount
Group
PersonAccount,Group
Example:
Default: none
la.dataType
Value(s): String
Example: la.dataType=string
Default: none
la.multiValued
Defines if the property can contain multiple attributes or not
Value(s): true false
Example:
Default: none
repositoryId
This value is only used for the wp-add-property task. Adding a property to VMM configuration of a repository does not add the property to the LDAP system.
Value(s): List of repositories that the new property will be added to. The list of repositories must be separated by a comma. Leave the value blank to add the property to all repositories.
Example:
Default: none
VMM LDAP entity type configuration
et.ldap.id
LDAP server ID.
Value(s): String
Example: myLDAPServer
Default: none
et.entityTypeName
Name of the entity type to be created/updated/deleted
Value(s): Valid Input values are Group or PersonAccount
Example:
Default: no default
et.objectClass
Semi-colon (;) delimited list of object classes to be added.
Value(s): String
Example: groupOfUniqueNames
Default: none
et.searchFilter
Search filter that you want to use to search the entity type.
Value(s): string
Example: a filter like departmentNumber=1234 would only allow objects with this departmentnumber to be a valid search result
Default: none
et.objectClassesForCreate
Semi-colon (;) delimited list of object classes to use when an entity type is created. If the value of this parameter is the same as the objectClass parameter, you do not need to specify this parameter.
Value(s): string
Example: groupOfUniqueNames
Default: none
et.searchBases
Search base or bases to use while searching the entity type.
Value(s): string
Example: o=foo,o=bar
Default: none
et.rdnName
Additional attributes for the wp-add-ldap-entitytype-rdn task. The attribute name used to build the relative distinguished name (RDN) for the entity type.
Value(s):
Example:
Default: none
VMM supported entity types configuration
entityTypeName
Name of the entity type.
Value(s):
Example:
Default: none
defaultParent
Base entry name that will be used as default parent for the given entity type.
Value(s):
Example:
Default: none
rdnProperties
This value specifies the RDN attribute name for the supported entity type in the entity domain name. To reset all the values of the rdnProperties parameter, specify a blank string ("").
Value(s): string
Example:
Default: cn
personAccountParent
Default parent of the entity type PersonAccount
Value(s):
Example:
Default: none
groupParent
Default parents of the entity type Group
Value(s):
Example:
Default: none
personAccountRdnProperties
This value specifies the RDN attribute name for the entity type PersonAccount. To reset all the values of the rdnProperties parameter, specify a blank string ("").
Value(s): string
Example:
Default: uid
groupRdnProperties
This value specifies the RDN attribute name for the entity type Group. To reset all the values of the rdnProperties parameter, specify a blank string ("").
Value(s):
Example:
Default: cn
gm.ldap.id
LDAP server ID.
Value(s):
Example:
Default: none
gm.groupMemberName
Name of the LDAP attribute used as the group member attribute. If the group member does not yet exist, it will be created
Value(s):
Example:
gm.groupMemberName=member
gm.groupMemberName=uniqueMember
Default: none
gm.objectClass
This value specifies the group object class that contains the member attribute. If not defined, the member attribute applies to all group object classes.
Value(s):
Example:
gm.objectClass=groupOfNames
gm.objectClass=groupOfUniqueNames
Default: none
gm.scope
Scope of the member attribute.
Value(s): Valid values include:
direct - Contains direct members.
nested - Contains direct members and nested members.
Example:
Default: none
gm.dummyMember
If you create a group without specifying a member, a dummy member will be filled in to avoid creating an exception about missing a mandatory attribute.
Value(s):
Example:
Default: none
VMM LDAP group member attribute configuration
gc.ldap.id
LDAP server ID.
Value(s):
Example:
Default: stand-alone
gc.name
Name of the membership attribute.
Value(s):
Example:
Active Directory example - gc.name=memberOf
IBM Directory Server - gc.name=ibm-allGroups
Default: ibm-allGroups
gc.updateGroupMembership
Updates the group membership if the member is deleted or renamed. Some LDAP servers, such as Domino server, do not clean up the membership of the user when a user is deleted or renamed. If you choose these LDAP server types in the ldapServerType property, the value of this parameter is set to true. Use this parameter to change the value.
Value(s): true false
Example:
Default: false
gc.scope
Scope of the membership attribute.
Value(s): Valid values include:
direct - Contains direct groups.
nested - Contains direct and nested groups.
all - The membership attribute contains direct groups, nested groups, and dynamic members.
Example:
Default: direct
VMM LDAP context pool
cp.ldap.id
LDAP server ID.
Value(s):
Example:
Default: none
cp.maxPoolSize
Maximum number of context instances that can be maintained concurrently by the context pool.
Value(s): numeric
Example:
Default: 20
VMM realm configuration
realmName
Name of the realm to be created or updated. If no realm name is given, the default realm will be updated.
Value(s):
Example:
Default: none
addBaseEntry
Name of base entry to be added to the realm.
Value(s):
Example:
Default: none
securityUse
String that indicates if this virtual realm will be used in security now, later, or never.
Value(s): Valid values include: now, later, never, inactive, and nonSelectable
Example:
Default: active
delimiter
Delimiter used for this realm.
Value(s): /
Example:
Default: none
deleteRealmName
Name of the realm to be deleted.
Value(s):
Example:
Default: none
defaultRealmName
Name of the new default realm.
Value(s):
Example:
Default: none
deleteBaseEntry
Name of the base entry to be deleted from the realm.
Value(s):
Example:
Default: none
realm.personAccountParent
Default parents to be set for the entity type PersonAccount. The realm entered in realmName will be used to perform the change.
Value(s):
Example:
Default: none
realm.groupParent
Default parents to be set for the entity type Group. The realm entered in realmName will be used to perform the change.
Value(s):
Example:
Default: none
realm.orgContainerParent
Default parents to be set for the entity type OrgContainer. The realm entered in realmName will be used to perform the change.
Value(s):
Example:
Default: none
VMM repository base entry configuration
id
ID of the repository, where the base entry will be created, updated, or deleted. When a base entry is created, it will automatically be added to the default realm.
Value(s):
Example:
Default: none
baseDN
Name of the base entry to be created, updated, or deleted
Value(s):
Example:
Default: none
nameInRepository
Distinguished name in the repository that uniquely identifies the base entry name. In most cases this should be the same as baseDN.
Value(s):
Example:
Default: none
Change administrative users
newAdminId
New ID of the administrative user.
The user ID cannot contain a space (for example, user ID) and cannot be longer than 200 characters.
(UNIX only) Some tasks may require you to enter the fully qualified user ID. If your fully qualified user ID contains a space, for example:
cn=wpsadmin,cn=users,l=SharedLDAP,c=US,ou=Lotus,o=Software Group,dc=ibm,dc=com
... place the fully qualified user ID in the properties file or into a parent properties file instead of as a flag on the command line.
For example, create a parent properties file called mysecurity.properties, enter the fully qualified user ID, and then run the task:
./ConfigEngine.sh task_name -DparentProperties=/opt/mysecurity.properties
(Windows only) Some tasks may require you to enter the fully qualified user ID. If your fully qualified user ID contains a space, for example:
cn=wpsadmin,cn=users,l=SharedLDAP,c=US,ou=Lotus,o=Software Group,dc=ibm,dc=com
... place quotes around the fully qualified user ID before running the task; for example, "cn=wpsadmin,cn=users,l=SharedLDAP,c=US,ou=Lotus,o=Software Group,dc=ibm,dc=com".
Value(s):
Example: none available
Default: none
newAdminPw
New password of the administrative user.
(UNIX only) The password cannot contain a space (for example, pass word) and cannot be longer than 128 characters.
Value(s):
Example:
Default: none
newAdminGroupId
New ID of the portal administrative group
Value(s):
Example:
Default: none
VMM change attribute configuration
user.attributes.required
New (comma separated) list of attributes that are required for user creation
Value(s):
Example:
Default: sn
user.attributes.nonsupported
New (comma separated) list of attributes that will be ignored by portal
Value(s):
Example:
Default: certificate,identifier
Restore VMM security
restore.file.realm
The realm name to be used. A realm with this name will be created.
Value(s):
Example:
Default: federatedRealm
restore.file.delimiter
Delimiter used for this realm.
Value(s): Enter any value but do not leave this field blank.
Example:
Default: /
restore.file.primaryAdminId
ID (shortname) of the WAS administrative user. The ID must exist in a user repository.
Value(s):
Example:
Default: adminUID
restore.file.primaryAdminPassword
Password (shortname) of the WAS administrative user.
Value(s):
Example:
Default: adminPWD
restore.file.primaryPortalAdminGroup
The user group (short name) with administrative permission in portal. The group must exist in the LDAP server.
Value(s):
Example:
Default: adminGroupCN
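The constraints stated in this reference (allowed gm.scope and gc.scope values, numeric cp.maxPoolSize, the newAdminId and newAdminPw length limits, no quoted values, a non-blank restore.file.delimiter) can be checked before a task is run, along with a password left at its documented default. The following is an added example, not IBM's code: lint_properties and the sample input are constructed for illustration, and the parser is a simplified one.

```python
import re

# Rules transcribed from the property descriptions on this page.
ENUMS = {"gm.scope": {"direct", "nested"},
         "gc.scope": {"direct", "nested", "all"},
         "gc.updateGroupMembership": {"true", "false"}}
MAX_LEN = {"newAdminId": 200, "newAdminPw": 128}
DEFAULT_SECRETS = {"restore.file.primaryAdminPassword": "adminPWD"}

def lint_properties(text):
    """Return (line_no, key, problem) tuples; values are never echoed."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        # Simplified parsing: key=value lines, '#'/'!' comments, no continuations.
        if not line or line[0] in "#!" or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        problems = []
        if re.fullmatch(r"""(["']).+\1""", value):  # bare "" (reset) is allowed
            problems.append("value is enclosed in quotes")
        if key in ENUMS and value and value not in ENUMS[key]:
            problems.append(f"not one of {sorted(ENUMS[key])}")
        if key in MAX_LEN and len(value) > MAX_LEN[key]:
            problems.append(f"longer than {MAX_LEN[key]} characters")
        if key == "newAdminPw" and " " in value:
            problems.append("password contains a space")
        if key == "cp.maxPoolSize" and value and not value.isdigit():
            problems.append("not numeric")
        if key == "restore.file.delimiter" and not value:
            problems.append("must not be blank")
        if DEFAULT_SECRETS.get(key) == value:
            problems.append("still set to the documented default")
        findings.extend((no, key, p) for p in problems)
    return findings

# Constructed sample input, not taken from a real installation.
SAMPLE = """\
gm.scope=nested
gc.scope=recursive
cp.maxPoolSize=twenty
newAdminId=cn=wpsadmin,cn=users,o=Software Group,dc=example,dc=com
newAdminPw=pass word
personAccountRdnProperties=""
restore.file.delimiter=
restore.file.primaryAdminPassword=adminPWD
"""

print(*lint_properties(SAMPLE), sep="\n")
```

Findings name only the line and key, so the output can be logged without exposing password values.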