508 WebSphere Portal Express and Express Plus V5 for the IBM Eserver iSeries Server
Adding WebSphere Portal directory entries into LDAP
To configure WebSphere Portal authentication with LDAP, you have to create some
fundamental directory entries. You must to create at least one user and one users’ group,
which are used during authentication.
There are a couple of ways to create directory structure. We use Qshell LDAP commands.
Qshell commands do not give the possibility to work with a graphical interface, but do not
require you to install any additional software.
To add entries into the LDAP directory server structure, you can use a template LDIF file
which is already pre-prepared. You can find this file in the root directory of the WebSphere
Portal install CD.
1. Find the
PortalUsers.ldif file on the WebSphere Portal installation CD and copy it to your
workstation.
2. Open the
PortalUsers.ldif file in any text editor.
3. This is an already pre-built file. You only have to change information about your company
entry. To to this, replace each
<yourco> string occurrence with the value that corresponds
to your company.
Figure B-10 shows a sample of the PortalUsers.ldif file used in this scenario.
Figure B-10 Sample LDIF file
4. Save the updated PortalUsers.ldif file and copy it into the integrated file system (IFS) of
your iSeries server.
5. To create directory entries based on your LDIF file:
a. Open a Qshell command prompt:
STRQSH
b. Run the ldapadd command as follows:
ldapadd -h host name -D cn=<ldap-admin-userid> -w <ldap-admin-password>
-f <path-to-ldif-file>
Attention: You have to change the LDIF file to match the suffix you added to the IBM
Directory Server. If the suffix that you added looks is similar to
dc=krak,dc=com, replace
each occurrence of the
<yourco> string with the krak string.
dn: dc=krak,dc=com
objectclass: domain
objectclass: top
# Add lines according to this scheme that correspond to your suffix
dc: krak,dc=com
dc: krak
dn: cn=users,dc=krak,dc=com
objectclass: container
objectclass: top
cn: users
Appendix B. IBM Directory Server (LDAP) 509
Figure B-11 shows sample messages that are generated when adding entries to the
LDAP directory.
Figure B-11 Messages generated while adding entries to the LDAP directory
6. You can use the Directory Management Tool (DMT) to work with IBM Directory Server
based on the GUI (Figure B-12).
Figure B-12 Sample view of the directory structure based on Directory Management Tool
> ldapadd -h rchas07 -D cn=Administrator -w *****
-f /home/ldapuser/KrakPortalUsers.ldif
adding new entry dc=krak,dc=com
adding new entry cn=users,dc=krak,dc=com
adding new entry cn=groups,dc=krak,dc=com
adding new entry uid=wpsadmin,cn=users,dc=krak,dc=com
adding new entry uid=wpsbind,cn=users,dc=krak,dc=com
adding new entry cn=wpsadmins,cn=groups,dc=krak,dc=com
510 WebSphere Portal Express and Express Plus V5 for the IBM Eserver iSeries Server
Get WebSphere Portal Express and Express Plus V5 for the IBM eServer iSeries Server now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
