Before you begin
To edit configuration files, you must use the wsadmin client. See Starting the wsadmin client
for information about how to start the wsadmin command-line tool.
About this task
Default mappings for uid and mail are provided. To use a mapping for loginId
, replace ADMIN_REPLACE
in the loginField
element with the appropriate login attribute specified in WebSphere
® Application Server. This section should only contain those login attributes that will be used in a deployment. For example, if users only log in with email, then the mappings for uid
should be commented out or removed.
For more information on enabling and disabling access, see Forcing users to log in before they can access an application
The login attributes described here refer to the Profiles database table, not the LDAP; the values you enter in the Admin Console refer to the LDAP. Thus if an LDAP field has been added using the Admin Console, you would not need to add it to the Profiles database using the procedure described here.
When editing the login table in the Profiles database, you can comment out login attributes that you do not need, but you should not use the login table to add new login attributes.
Parent topic: Customizing Profiles
Applying property changes in Profiles
Forcing users to log in before they can access an application
- Start the wsadmin client from the following directory of the system on which you installed the Deployment Manager:
is the WebSphere
Application Server installation directory and dm_profile_root
is the Deployment Manager profile directory, typically dmgr01.
You must start the client from this directory or subsequent commands that you enter do not execute correctly.
- Start the Profiles Jython script interpreter.
- Enter the following command to access the Profiles configuration files:
If prompted to specify a service to connect to, type 1 to pick the first node in the list. Most commands can run on any node. If the command writes or reads information to or from a file using a local file path, you must pick the node where the file is stored.
- Enter the following command to check out the Profiles configuration files:
- working_directory is the temporary working directory to which the configuration XML and XSD files are copied and are stored while you make changes to them. Use forward slashes (/) to separate directories in the file path, even if you are using the Microsoft Windows operating system.
Note: AIX and Linux only: The directory must grant write permissions or the command does not complete successfully.
- cell_name is the name of the WebSphere Application Server cell hosting the Profiles application. This argument is required. It is also case-sensitive, so type it with care. If you do not know the cell name, you can determine it by typing the following command in the wsadmin command processor: print AdminControl.getCell()
- AIX or Linux:
- Microsoft Windows:
- Locate the Profiles configuration file, profiles-config.xml, in the local working directory specified in the checkOutConfig command. The Profiles configuration file contains the various configuration settings for the Profiles application. The following section of the file can be used for customizing login attributes:
The uid, mail, and loginId options are on the first side of the +
in the map_dbrepos_from_source.properties
file and refer to data in the Profiles database table. The value on the other side of the =
is the LDAP (or function) name.
- The uid value pertains to the EMPLOYEE PROF_UID column.
- The email value pertains to the PROF_MAIL column.
- The loginId value pertains to the EMPLOYEE PROF_LOGIN column and the PROF_LOGIN table and refers to the mappings loginId= and logins=. For example, you could set logins= to employee number.
- Comment out any attributes that are not used in your environment, as in the following example:
<! -- The following login attribute is not used