Configuring the LDAP federated repository

You can configure each Jazz™ for Service Management application server to use and communicate with the LDAP federated repository.

About this task

In a Jazz for Service Management distributed environment or in a Dashboard Application Services Hub load balanced environment, all application server instances must be configured separately for the LDAP server.

Procedure

  1. Start the WebSphere administrative console; for example, select Start > IBM WebSphere > IBM® WebSphere® Application Server > Profiles > JazzSMProfile > Administrative console.
  2. Enter the WebSphere administrator user ID and password, and click Log in.
  3. Select Security > Global security.
  4. From the Available realm definitions list, select Federated repositories and click Configure.
  5. To add an entry to the base realm:
    1. Ensure that the LDAP federated repository is selected from the Repository list.
    2. In the field, enter the distinguished name (DN) of a base entry that uniquely identifies this set of entries in the realm. This base entry must uniquely identify the external repository in the realm.
      Note: If multiple repositories are included in the realm, use the DN field to define an additional distinguished name that uniquely identifies this set of entries within the realm. For example, repositories LDAP1 and LDAP2 might both use o=ibm,c=us as the base entry in the repository. So o=ibm,c=us is used for LDAP1 and o=ibm2,c=us for LDAP2. The specified DN in this field maps to the LDAP DN of the base entry within the repository (such as o=ibm,c=us b). The base entry indicates the starting point for searches in this LDAP server (such as o=ibm,c=us c).
    3. Click Apply and then Save.
  6. In the WebSphere administrative console, select Security > Global security.
  7. From the Available realm definitions list, select Federated repositories and click Set as current to mark the federated repository as the current realm.
  8. Restart each Jazz for Service Management application server. See Restarting Jazz for Service Management application servers.
  9. Verify that the federated repository is correctly configured:
    1. In the Dashboard Application Services Hub navigation pane, click Users and Groups > Manage Users.
    2. Select User ID from the Search by list.
    3. Click Search to search for users in the federated repository.
    4. Confirm that the list includes users from both the LDAP federated repository and the local file registry.
    On the Jazz for Service Management application server, LDAP users are queried only by the userid attribute. When users are imported into the LDAP federated repository by using an LDAP Data Interchange Format (LDIF) file, an auxiliary class of type eperson and a uid attribute are added to the LDAP user ID. Perform this task only if you want to search the LDAP federated repository by using VMM from the server.
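
The following pre-import check is an added example, not part of the original IBM procedure or product code: it parses an LDIF file and reports user entries that lack the eperson auxiliary class or the uid attribute described above, so that they can be corrected before the search in step 9. The sample entries are constructed, the function names are hypothetical, and the use of inetOrgPerson to recognize user entries is an assumption.

```python
import base64

# Constructed sample LDIF (not from the original page): the first entry is
# ready for the user search, the second lacks both eperson and uid.
SAMPLE_LDIF = """\
dn: uid=jdoe,ou=people,o=ibm,c=us
objectClass: inetOrgPerson
objectClass: ePerson
uid: jdoe
cn: John Doe

dn: cn=Ann Smith,ou=people,
 o=ibm,c=us
objectClass: inetOrgPerson
cn:: QW5uIFNtaXRo
"""

def parse_ldif(text):
    """Return a list of (dn, {attr_lower: [values]}) from LDIF content records."""
    lines = []
    for raw in text.splitlines():
        # A line that starts with one space continues the previous line.
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        elif not raw.startswith("#"):
            lines.append(raw)
    entries, attrs = [], {}
    for line in lines + [""]:  # trailing "" flushes the last record
        if not line.strip():
            if "dn" in attrs:
                entries.append((attrs.pop("dn")[0], attrs))
            attrs = {}
            continue
        name, _, value = line.partition(":")
        if value.startswith(":"):  # "attr:: value" marks a base64 value
            value = base64.b64decode(value[1:].strip()).decode("utf-8")
        attrs.setdefault(name.strip().lower(), []).append(value.strip())
    return entries

def find_unsearchable_users(text, person_class="inetorgperson"):
    """Map DN -> problems for user entries lacking eperson or uid."""
    report = {}
    for dn, attrs in parse_ldif(text):
        classes = {c.lower() for c in attrs.get("objectclass", [])}
        problems = [msg for missing, msg in (
            ("eperson" not in classes, "missing auxiliary class eperson"),
            (not attrs.get("uid"), "missing uid attribute")) if missing]
        if person_class in classes and problems:
            report[dn] = problems
    return report
```

Pass the contents of the LDIF file to find_unsearchable_users; an empty result means every user entry carries both the class and the attribute.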

What to do next

You can create or manage users in Dashboard Application Services Hub that are defined in your LDAP federated repository. In the WebSphere administrative console, you must specify the supported entity types.