The connection using the Test connection command to the LDAP server shows there is a connection as shown in Figure 10.99:
Figure 10.99: The connection using the Test connection command to the LDAP server shows there is a connection
The AppSrv01 server is stopped and restarted using the First Steps console to update the security settings, the example output of the First steps console is shown in Figure 10.100:
Figure 10.100: The AppSrv01 server is restarted using the First Steps console to update the security settings
The setting as a Standalone LDAP registry was tried with update of the General properties to match with the changes as highlighted in Figure 10.101:
Figure 10.101: The setting as a Standalone LDAP registry was tried with update of the General properties
The fix which corrected the problem was to revert from a Standalone LDAP registry back to setting the ECMUKDEMO77 as a Federated repository and selecting the Set as current button as shown in Figure 10.102:
Figure 10.102: The ECMUKDEMO77 repository is changed from Standalone back to Federated
The Global Security | Administrative user roles menu is selected, and the search used to retrieve users as shown in Figure 10.103:
Figure 10.103: The Global Security | Administrative user roles menu is selected
The First steps console is used to stop the AppSrv01 profile server as shown in Figure 10.104:
Figure 10.104: The First steps console is used to stop the AppSrv01 profile server
The First steps console is used to start the AppSrv01 profile server as shown in Figure 10.105:
Figure 10.105: The First steps console is used to start the AppSrv01 profile server
After restarting the server, the Administrative user roles we selected, are shown with the roles applied, as shown in Figure 10.106:
Figure 10.106: The Administrative user roles we selected, are shown with the roles applied
Repeat the procedure above for the WebSphere AppSrv02 profile using the URL for the second profile, AppSrv02, port 9044 as shown in Figure 10.107:
https://localhost:9044/ibm/console/login.do?action=secure
Figure 10.107: The URL for the second profile, AppSrv02, port 9044 is launched
The wasadm administration user is used to log into the IBM WebSphere administration console for the second AppSrv02 server profile system as shown in Figure 10.108:
Figure 10.108: The wasadm administration user is used to log into the IBM WebSphere administration console
The Security | Global Security menu is opened, and we change the highlighted tick boxes, enable administration security and use java 2 security to restrict application access to local resources and select the Configure command button, as shown in Figure 10.109.
IMPORTANT: It is important to untick the boxes under the Java 2 security section, as highlighted in Figure 10.109, otherwise logons will fail.
Figure 10.109: The Security | Global Security menu is opened, and we select the Configure command button
The Global security | Federated repositories menu page is displayed next, and we select the Add repositories (LDAP,custom,etc)… command button as shown in Figure 10.110:
Figure 10.110: The Global security | Federated repositories menu page is displayed so we can select the Add repositories (LDAP, custom, etc)… command button
The LDAP repository is selected from the drop-down New Repository list as shown in Figure 10.111:
Figure 10.111: The LDAP repository is selected from the drop-down New Repository list
The LDAP Test Query link as shown earlier, in Figure 10.90, for the AppSrv01 set-up, is selected to query the ECMUKDEMO77 LDAP server, with the Bind password entered as shown in Figure 10.112:
Figure 10.112: The LDAP Test Query link is selected to query the ECMUKDEMO77 LDAP server
The Apply command button is selected to save the LDAP configuration as shown in Figure 10.113:
Figure 10.113: The Apply command button is selected to save the LDAP configuration
The Save command link is used to save the configuration updates to the IBM Websphere server master configuration as shown in Figure 10.114:
Figure 10.114: The Save or Review button can be selected (we used Save)
The Unique distinguished name for the base Repository reference is set to the LDAP container object, cn=localhost as shown in Figure 10.115:
Figure 10.115: The Unique distinguished name for the base Repository reference is set to the LDAP container object, cn=localhost