Use your LDAP or the default file system repository to add users and create groups.
If you are using an LDAP, make sure you have access to create users and groups.
By default, a user ID must have a minimum of three characters. This can be changed by modifying the service configuration property inuser.YOURATTRIBUTE.min
. This property defines the minimum number of characters that is allowed for a user ID. To define the character set against which characters are validated, you can modify user.YOURATTRIBUTE.charset
. By default, the character set is ascii, though unicode is also supported.
The configuration for these properties is stored in IBM® WebSphere® Application Server administrative console. They can also be set by running the following configuration task: ./ConfigEngine.sh -DWasUserid=userid -DWasPassword=password update-properties
. For more information, refer to the IBM WebSphere Portal version 6.1.5 information center.
- LDAP: In most production environments, users and groups are added using your appropriate LDAP. You may need to ask your LDAP administrator for an ID to bind with the LDAP. Once a user ID has been added to the LDAP, that user can log into the server.
- File system repository: If you are using the default file system repository instead of an LDAP, use Advanced Administration -> Users and groups to add users and groups.
Log out of the server after making any changes to group membership, including adding members to a group or assigning new permissions. When you log in again, modifications to group membership and permissions are updated and display correctly. Note that the new attribute must be defined to Member Services by updating the database before setting a value for that attribute.
Groups may be nested. Two groups are nested if one of the groups contains the other group as a member. The access control system treats this as though all members of the contained group are also members of the containing group. In other words, permissions for nested groups are treated as cumulative. For example, a GlobalMarketing group could contain another group, USMarketing. This would result in all of the members of USMarketing being treated as members of GlobalMarketing. This means that members of USMarketing inherit the access rights granted to GlobalMarketing members.
Parent topic: Managing users and groups: qp85
WebSphere Portal configuration services
Setting WebSphere Portal service configuration properties