When upgrading to IMS Server 8.2, are there any changes to the Active Directory enterprise directory configurations?
In IMS Server 8.2,
- To configure the IMS Server to connect to Active Directory using Domain DNS name, the Active Directory server must be SSL-enabled.
- To use password reset in AccessAssistant or Web Workplace requires either:
- IMS Server Active Directory enterprise directory configuration to use SSL, or
- Install the Tivoli Identity Manager Active Directory Adapter
For more information, refer to
Preparing an Active Directory server.
In IMS Server, there are two ways to configure an "Active Directory" server type enterprise directory.
You can connect to Active Directory by using:
- Domain controller host name / FQDN (For example: adserver.team.example.com), or
- Domain DNS name (For example: team.example.com)
For more information on the options, refer to Configuring the IMS Server to use Active Directory servers .
If you plan to use SSL, add the Active Directory server SSL certificate to the WebSphere Application Server trust store.
For more information, refer to Adding the directory server SSL certificate to WebSphere Application Server.
- Restart WebSphere Application Server after adding the SSL certificate.
- Complete adding the SSL certificate before executing the Upgrade Configuration Wizard in the upgrade process.
- Refresh the Active Directory SSL certificate in WebSphere Application Server trust store, at the same time as, any SSL certificate changes on the Active Directory server. Any expired or mismatched SSL certificate may cause WebSphere Application Server to have issues.