This reference document is based on the wkplc.properties file included with WebSphere Portal 6.1.5. As needed, IBM support will make updates to this reference document to clarify usage and limitations.
About the properties file
The following are general notes about the properties file:
- Do NOT enclose any value in quotes
- Windows paths must use /, instead of a \
- Windows long paths are okay
- Properties are immutable; after they are set they cannot be overridden
- Precedence is as follows, in descending order:
  - Properties set on the command line are read first, for example -DMyNode=somenode
  - Properties set in the properties file are read next
  - Properties set in the buildfile are read last
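The general notes above can be checked mechanically before a configuration task is run. The following is an added example, not IBM code: it lints a properties file for quoted values and backslashes, and resolves the effective value of each property using the first-set-wins precedence described above. The parser is simplified (no Java escape or line-continuation handling), and the sample file, arguments and buildfile values are constructed.

```python
# Added example (not IBM code). Sample inputs below are constructed.

def parse_properties(text):
    """Parse key=value lines. Split on the first '=' only, because values such
    as LDAP distinguished names contain '=' themselves. Blank lines and lines
    starting with '#' or '!' are skipped; duplicate keys are not examined."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        key, sep, value = line.partition("=")
        if sep:
            props[key.strip()] = value.strip()
    return props


def parse_cli_defines(argv):
    """Collect -Dname=value arguments from a command line."""
    defines = {}
    for arg in argv:
        if arg.startswith("-D") and "=" in arg:
            key, _, value = arg[2:].partition("=")
            defines.setdefault(key, value)
    return defines


def lint_general(props):
    """Flag values that break the general notes: quotes and backslashes."""
    findings = []
    for key, value in props.items():
        if len(value) >= 2 and value[0] == value[-1] and value[0] in "\"'":
            findings.append((key, "value is enclosed in quotes"))
        if "\\" in value:
            findings.append((key, "contains a backslash; Windows paths must use /"))
    return findings


def resolve(cli, file_props, build_props):
    """Properties are immutable: the first source to set a name wins.
    Returns {name: (value, origin)}."""
    effective = {}
    sources = (("command line", cli),
               ("properties file", file_props),
               ("buildfile", build_props))
    for origin, source in sources:
        for key, value in source.items():
            effective.setdefault(key, (value, origin))
    return effective


# Constructed sample, not a real configuration.
SAMPLE_FILE = r'''
# wkplc.properties (constructed)
WasHome=C:\WebSphere\AppServer
WasUserHome=C:/WebSphere/wp_profile
VirtualHostName="default_host"
NodeName=filenode
WasSoapPort=10005
'''
SAMPLE_ARGV = ["ConfigEngine.sh", "task_name", "-DNodeName=somenode"]
SAMPLE_BUILD = {"NodeName": "buildnode", "ServerName": "WebSphere_Portal"}

if __name__ == "__main__":
    file_props = parse_properties(SAMPLE_FILE)
    for key, message in lint_general(file_props):
        print("LINT  %s: %s" % (key, message))
    effective = resolve(parse_cli_defines(SAMPLE_ARGV), file_props, SAMPLE_BUILD)
    for key, (value, origin) in sorted(effective.items()):
        print("%-16s = %-28s (%s)" % (key, value, origin))
```

Because a command-line definition silently wins over the file, reviewing the file alone does not tell you which value a task actually ran with.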
General Properties
EngineInstallLocation
Description: This is set by the installer and should not be changed. The value of this property is the location of the ConfigEngine root.
Value: Directory path with elements delimited by forward slashes (/)
Examples: i5/OS: /QIBM/UserData/WebSphere/AppServer/V61/ND/profiles/wp_profile/ConfigEngine
Default: c:/IBM/ConfigEngine
WasSoapPort
Description: The port used to connect to the WebSphere Application Server with remote connections
Value: Numeric string
Examples: none available
Default: 10005
WasRemoteHostName
Description: The host name of the server that makes WebSphere Application Server connections.
Value: Host name including the domain
Examples: my_host_name.mydomain.com
Default: no default
WebSphere Application Server Properties
VirtualHostName
Description: The name of the WebSphere Application Server virtual host
Value: Alphanumeric text string
Examples: none available
Default: default_host
WasUserid
Description: The user ID for WebSphere Application Server security authentication. For an LDAP configuration this should be the fully qualified distinguished name (DN) of a current administrative user for the WebSphere Application Server. For a configuration using Virtual Manager User Registry database the short version of the distinguished name must be used.
Value: Alphanumeric text string. Type the value in lower case, regardless of the case used in the distinguished name (DN).
Examples: The following examples are for LDAP security. For LDAP configuration this value should not contain spaces.
Tivoli Directory Server: { uid=wpsbind,cn=users,dc=yourco,dc=com }
Lotus Domino: { cn=wpsbind,o=yourco.com }
Active Directory: { cn=wpsbind,cn=users,dc=yourco,dc=com }
Active Directory Application Mode: { cn=wpsbind,cn=users,dc=yourco,dc=com }
Sun Java System Directory Server: { uid=wpsbind,ou=people,o=yourco.com }
Novell eDirectory: { uid=wpsbind,ou=people,o=yourco.com }
Custom User Registry: {wpsbind}
Default: wpsadmin
WasPassword
Description: The password for WebSphere Application Server security authentication. The WasPassword parameter can be specified in this file or you can pass it on the command line using the -DWasPassword=password string.
Value: Alphanumeric text string
Examples: none available
Default: no default
WasHome
Description: The directory where WebSphere Application Server product files are installed. The installation program sets this value based on user input during installation.
Value: Directory path with elements delimited by forward slashes (/)
Examples: An example is provided for each operating system:
i5/OS: WasHome=/QIBM/ProdData/WebSphere/AppServer/V61/ND
UNIX: WasHome=/opt/IBM/WebSphere/AppServer
Windows: WasHome=C:/WebSphere/AppServer
Default: default values are operating system unique and specific
WasUserHome
Description: The directory where WebSphere Application Server user data is created. The installation program sets this value based on user input during installation.
Value: Directory path with elements delimited by forward slashes (/)
Examples: Examples are provided for each operating system:
i5/OS: /QIBM/UserData/WebSphere/AppServer/V61/ND/profiles/wp_profile
UNIX: /opt/IBM/WebSphere/wp_profile
Windows: WasUserHome=C:/WebSphere/wp_profile
Default: default values are operating system unique and specific
ProfileName
Description: The name of the WebSphere Application Server profile
Value: Alphanumeric text string
Examples: none available
Default: wp_profile
CellName
Description: The name of the WebSphere Application Server cell where the WebSphere Application Server belongs.
Value: Alphanumeric text string
Examples: none available
Default: portswps
NodeName
Description: The node within the WebSphere Application Server cell where the WebSphere Application Server belongs. This value must be unique among other node names in the same cell. Typically this value is the same as the host name for the computer.
Value: Alphanumeric text string
Examples: none available
Default: portswps
ServerName
Description: The name of the application server where the WebSphere Portal application is deployed. This value must be unique among other application server names in the same cell.
Value: Alphanumeric text string
Examples: none available
Default: WebSphere_Portal
WasAdminServer
Description: The name of the application server for administration. For i5/OS, if your WebSphere Application Server profile was created with a different WebSphere Application Server administrative server name, you should change this value to reflect that.
Value: Alphanumeric text string
Examples:
Default: default values are unique for each operating system.
Windows and Unix: WasAdminServer=server1
i5/OS: WasAdminServer=profile_name
LTPAPassword
Description: Specifies the password to encrypt and decrypt the LTPA keys.
Value: Alphanumeric text string
Examples: none available
Default: no default
wasJvmBitType
Description: Solaris specific property that specifies whether to use the 64 bit or 32 bit JVM.
Value: none available
Examples:
The following examples are for 32bit JVM:
wasJvmBitType=sparc32
wasJvmBitType=x86
wasJvmBitType=ia32
The following examples are for 64bit JVM:
wasJvmBitType=sparc64
wasJvmBitType=x64
Default: sparc32
Portal Configuration Properties
WpsInstallLocation
Description: The directory where WebSphere Portal is installed.
Value: Directory path with elements delimited by forward slashes (/)
Examples: Examples are provided for each operating system:
i5/OS: WpsInstallLocation=/QIBM/UserData/WebSphere/AppServer/V61/ND/profiles/wp_profile/PortalServer
UNIX: WpsInstallLocation=/opt/IBM/WebSphere/PortalServer
Windows: WpsInstallLocation=C:/IBM/WebSphere/Portal
Default: default values are operating system specific
WpsHostName
Description: The fully qualified host name of the Web server that WebSphere Application Server is configured to use. This value is set by the installation program based on user input during installation.
Value: host name, including the domain.
Examples: The following example is the host name for: http://HostName.Domain.com:Port/ContextRoot/DefaultHome
WpsHostName=HostName.Domain.com
Default: localhost
WpsHostPort
Description: The transport port number used to access the host machine identified by the WpsHostName property.
Value: port number
i5/OS: 80
UNIX: 10038
Windows: 80
Examples: none available
Default: default values are operating system specific
PortalAdminId
Description: The user ID for the WebSphere Portal Administrator. The installation program sets this value based on user input during installation.
A valid user ID contains only ASCII characters and can contain the following characters:
Lower case characters {a-z}
Upper case characters {A-Z}
Numbers {0-9}
Exclamation point {!}
Open parenthesis {(}
Close parenthesis {)}
Dash {-}
Period {.}
Question mark {?}
Open bracket {[}
Close bracket {]}
Underscore {_}
Grave accent {`}
Tilde {~}
The user ID cannot contain a space: for example, user ID; and cannot be longer than 200 characters.
(UNIX only) Some tasks may require you to enter the fully qualified user ID. If your fully qualified user ID contains a space; for example: cn=wpsadmin,cn=users,l=SharedLDAP,c=US,ou=Lotus,o=Software Group,dc=ibm,dc=com, you must place the fully qualified user ID in the properties file or into a parent properties file instead of as a flag on the command line. For example, create a parent properties file called mysecurity.properties, enter the fully qualified user ID, and then run the task: ./ConfigEngine.sh task_name -DparentProperties=/opt/mysecurity.properties.
(Windows only) Some tasks may require you to enter the fully qualified user ID. If your fully qualified user ID contains a space; for example: cn=wpsadmin,cn=users,l=SharedLDAP,c=US,ou=Lotus,o=Software Group,dc=ibm,dc=com, you must place quotes around the fully qualified user ID before running the task; for example, "cn=wpsadmin,cn=users,l=SharedLDAP,c=US,ou=Lotus,o=Software Group,dc=ibm,dc=com".
Value: none available
Examples:
Development configuration without security: PortalAdminId=wpsadmin
IBM Directory Server: { uid= ,cn=users,dc=yourco,dc=com }
Domino: { cn=,o=yourco.com }
Active Directory: { cn=,cn=users,dc=yourco,dc=com }
Active Directory AM: { cn=,cn=users,dc=yourco,dc=com }
SunOne: { uid=,ou=people,o=yourco.com }
Novell eDirectory: { uid=,ou=people,o=yourco.com }
Default: wpsadmin
PortalAdminPwd
Description: The password for the WebSphere Portal Administrator. The installation program sets this value based on user input during installation.
A valid password contains only ASCII characters and can contain the following characters:
Lower case characters {a-z}
Upper case characters {A-Z}
Numbers {0-9}
Exclamation point {!}
Open parenthesis {(}
Close parenthesis {)}
Dash {-}
Period {.}
Question mark {?}
Open bracket {[}
Close bracket {]}
Underscore {_}
Grave accent {`}
Tilde {~}
The password cannot contain a space: for example, pass word; and cannot be longer than 128 characters.
Value: none available
Examples: none available
Default: no default
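The character and length rules stated above for PortalAdminId and PortalAdminPwd can be enforced before the values reach a configuration task. The following is an added example, not IBM code. It assumes that a value containing '=' is a fully qualified distinguished name, to which the short-ID character list is not applied, and it reports password problems without echoing the offending characters. The sample values in the final block are constructed.

```python
# Added example (not IBM code).
import re

# Character set the page lists for PortalAdminId and PortalAdminPwd.
ALLOWED_CHAR = re.compile(r"[A-Za-z0-9!()\-.?\[\]_`~]")
MAX_ID_LEN = 200    # page limit for the user ID
MAX_PWD_LEN = 128   # page limit for the password


def disallowed(value):
    """Return the distinct characters of value that are outside the listed set."""
    return sorted({ch for ch in value if not ALLOWED_CHAR.fullmatch(ch)})


def check_admin_id(value):
    """Return a list of problems with a PortalAdminId value (empty if none)."""
    issues = []
    if len(value) > MAX_ID_LEN:
        issues.append("longer than 200 characters")
    if "=" in value:
        # Assumption of this example: '=' marks a fully qualified DN such as
        # uid=...,cn=users,dc=yourco,dc=com, so only the space rule is checked.
        if " " in value:
            issues.append(
                "fully qualified ID contains a space: on UNIX place it in a "
                "properties file (-DparentProperties=...), on Windows put "
                "quotes around it before running the task")
        return issues
    bad = disallowed(value)
    if bad:
        issues.append("characters outside the allowed set: "
                      + " ".join(repr(ch) for ch in bad))
    return issues


def check_admin_password(value):
    """Return a list of problems with a PortalAdminPwd value (empty if none).
    Only a count is reported so the secret is not copied into logs."""
    issues = []
    if len(value) > MAX_PWD_LEN:
        issues.append("longer than 128 characters")
    bad = disallowed(value)
    if bad:
        issues.append("%d distinct character(s) outside the allowed set" % len(bad))
    return issues


if __name__ == "__main__":
    # Constructed sample values.
    for candidate in ("wpsadmin", "wps admin", "admin@corp",
                      "cn=wpsadmin,cn=users,o=Software Group,dc=ibm,dc=com"):
        print(repr(candidate), "->", check_admin_id(candidate) or "ok")
    print("password ->", check_admin_password("pass word") or "ok")
```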
PortalAdminGroupId
Description: The group ID for the WebSphere Portal Administrator group. The installation program sets this value based on user input during installation.
Value: Make sure to type the value in lower case, regardless of the case used in the distinguished name (DN). Alphanumeric text string, conforming to the LDAP distinguished name format
Examples: The following are examples for each LDAP. In the examples, portaladmingroupid is a variable value that should be modified for your environment.
IBM Directory Server: PortalAdminGroupId={cn=portaladmingroupid,cn=groups,dc=yourco,dc=com }
Domino: PortalAdminGroupId={ cn=portaladmingroupid }
Active Directory: PortalAdminGroupId={ cn=portaladmingroupid,cn=groups,dc=yourco,dc=com }
Active Directory AM: PortalAdminGroupId={ cn=portaladmingroupid,cn=groups,dc=yourco,dc=com }
SunOne: PortalAdminGroupId={ cn=portaladmingroupid,ou=groups,o=yourco.com }
Novell eDirectory: PortalAdminGroupId={ cn=portaladmingroupid,ou=groups,o=yourco.com }
Custom user registry: PortalAdminGroupId=cn=wpsadmins,o=default organization
Development configuration without security: PortalAdminGroupId=wpsadmins
Default: wpsadmins
PortalUniqueID
Description: The 12 hex digits unique to this WebSphere Portal instance. Usually a MAC address from a communications adapter on this node. It is used for the object ID creation mechanism and has to be different for each node. Only nodes running on one machine may have the same PortalUniqueID.
Value: 12 digits
Example: none available
Default: 00054E48AA0C
WpsContextRoot
Description: The WebSphere Portal context root or base URI. All URLs beginning with this path will be reserved for WebSphere Portal. The value of this property is part of the URL used to access WebSphere Portal from a browser. In the following URL, wps is the context root: http://localhost:80/wps/portal.
Value: Alphanumeric text string
Examples: none available
Default: wps
WpsHostBasePort
Description: Required for iSeries only. The port block that will be used for WebSphere Portal Server
Value: port number
Examples: none available
Default: 10000
WpsHostOldPort1=9080
WpsHostOldPort2=9090
WpsHostSSLOldPort1=9043
WpsHostSSLOldPort2=9443
SMFLibrary
Description: Required for z/OS only. The library where the ifaedjreg.jar file resides
Value: none available
Examples: none available
Default: no default
SMFNativeLibrary
Description: Required for z/OS only. The library where the SMF DLLs reside.
Value: none available
Examples: none available
Default: no default
ServerShortName
Description: Required for z/OS only. ServerShortName is the server's jobname, as specified in the MVS START command JOBNAME parameter. JOBNAME is the name of the task or script that runs when the server is running. MVS (Multiple Virtual Storage) is the name of the operating system that runs on the mainframe. This value is also passed as a parameter to the server's start procedures to specify the location of the server's configuration files and identify the server to certain WebSphere for z/OS-exploited z/OS facilities (for example, SAF).
Value: The name must be 7 or fewer characters and all uppercase.
Examples: ServerShortName=SAF
Default: BBOS002
ClusterTransitionName
Description: Required for z/OS only. The cluster transition name is the WLM APPLENV (WLM application environment) name for this server.
Value: The name must be 8 or fewer characters and all uppercase.
Examples: none available
Default: BBOC002
WpsSMPEHomeDirectory
Description: Required for z/OS only. WpsSMPEHomeDirectory is the location of the SMP/E install image for the WebSphere Portal SMP/E package.
Value: none available
Examples: none available
Default: no default
Portal Cluster Properties
ClusterName
Description: Use this property to specify the cluster name you want to use when creating the cluster. Do not use spaces or special characters in the cluster name.
Value: none available
Examples: none available
Default: PortalCluster
PushFrequency
Description: Specifies the time, in seconds, to wait before pushing new or modified cache entries to other servers.
Value: 1 or greater
Examples: 1
Default: 1
ReplicationType
Description: Specifies the global sharing policy for this application server. Push only sends the cache ID and cache content of new content to all other servers in the replication domain.
Value: PUSH
Examples: none available
Default: PUSH
PrimaryNode
Description: Set PrimaryNode to true if this is the primary node in your cluster. Set PrimaryNode to false if this is a secondary node.
Value: true false
Examples: none available
Default: true
Stepup Authentication
sua_user
Description: Defines the key which is used to encrypt the Cookie information. The value does not need to match to a real user. For example, you can use myname as the value.
Value: none available
Examples: none available
Default: no default
sua_serversecret_password
Description: This value is used as an encryption key for the information used in the RememberMe cookie, which is part of the step-up authentication. This does not need to be an existing password. For example, you can use mypassword as the value.
Value: none available
Examples: none available
Default: no default
enable_rememberme
Description: Defines if Rememberme should be enabled when the enable-stepup-authentication task is run.
Value: true false
Examples: none available
Default: true
Virtual Portal Configuration
VirtualPortalTitle
Description: This value will be the title of the Virtual Portal.
Value: none available
Examples: none available
Default: no default
VirtualPortalRealm
Description: This value is the realm used for the virtual portal defined in VirtualPortalTitle.
Value: none available
Examples: none available
Default: no default
VirtualPortalHostName
Description: The DNS name of the virtual portal. The virtual portal can be referenced by the DNS name instead of the URL prefix. When the value is left blank, a virtual portal will use the common DNS name used by all portals.
Value: DNS hostname
Examples: none available
Default: no default
VirtualPortalContext
Description: A unique portal context must be provided for the Virtual Portal. If you set the host name parameter (VirtualPortalHostName), the portal context is ignored. A virtual portal can either be accessed by a DNS/Hostname or a URL prefix. When both a DNS/Hostname and URL prefix are provided, the DNS/Hostname will be used for the VirtualPortalContext.
Value: URL prefix
Examples: none available
Default: no default
VirtualPortalNlsFile
Description: An optional file which contains language specific information for the Virtual Portal. Create an NLS file to specify additional titles and descriptions in other languages for your Virtual Portal. Descriptions can only be provided in an NLS file. Do not use prefixes in that NLS file. If you do not specify an NLS file, the Virtual Portal is created with the title that you give as the value to the VirtualPortalTitle parameter only. Titles and descriptions are not created for other languages. However, if you specify an NLS file, the value given for the virtual portal title in the NLS file overrides the value that you provide for the VirtualPortalTitle property. If you want to create a description for the virtual portal, you have to specify this in a national language support (NLS) file. If you want to modify the title or description of the Virtual Portal, you have to add the new title and description to the NLS file.
Value: The path and file name of your NLS file.
Examples: none available
Default: no default
VirtualPortalObjectId
Description: The object ID of the virtual portal. The object ID is required to modify and delete Virtual Portals. To determine what this value is, run the following task: list-all-virtual-portals. Do not delete the default Virtual Portal. The Object ID for the default Virtual Portal ends with _0.
Value: none available
Examples: none available
Default: no default
General Portal Security Properties
ignoreDuplicateIDs
Description: Set this value to true to recover from an incomplete LDAP repository creation if the repository cannot be deleted.
Value: true false
Examples: none available
Default: false
trimSpaces
Description: Set this value to false and add the attribute to the security ANT target in order to contain trailing spaces of attributes defined in this file.
Value: true false
Examples: none available
Default: true
Federated Security Properties
Add or update an LDAP
federated.ldap.id
Description: This value specifies a unique identifier for the repository within the cell. During an update, this value must match the ID of the repository to be updated. Characters that are not allowed in normal XML strings ( & < > " ' ) cannot be used in the repository ID.
Value: none available
Examples: none available
Default: no default
federated.ldap.host
Description: This value specifies the host name of the primary LDAP server. This host name is either an IP address or a domain name service (DNS) name. During an update, this value must match the ID of the repository to be updated.
Value: IP address or domain service name
Examples: none available
Default: no default
federated.ldap.port
Description: This value specifies the LDAP server port.
Value: none available
Examples: none available
Default: 389
federated.ldap.bindDN
Description: This value specifies the distinguished name for the application server to use when binding to the LDAP repository.
Value: none available
Examples: none available
Default: no default
federated.ldap.bindPassword
Description: This value specifies the password for the application server to use when binding to the LDAP repository.
Value: none available
Examples: none available
Default: no default
federated.ldap.ldapServerType
Description: This value specifies the type of LDAP server to which you connect. If your LDAP server version is not listed, enter the value for the highest listed version of your server. For example use AD2003 if you have Active Directory 2008.
Value:
WebSphere Application Server 6.0 must be one of the following values:
SECUREWAY,IDS4,IDS51,IDS52,IDS6,ZOSDS,DOMINO5,DOMINO6,DOMINO65,DOMINO7,NDS,SUNONE,AD2000,AD2003,ADAM,CUSTOM
WebSphere Application Server 7.0 must be one of the following values: IDS, ZOSDS, DOMINO, NDS, SUNONE, AD, ADAM, CUSTOM
Examples: none available
Default: no default
federated.ldap.baseDN
Description: This value specifies the LDAP base entry.
Value: none available
Examples: none available
Default: no default
LDAP entity types
The supported entity types are Group and PersonAccount.
Group entity type:
default searchFilter =
default objectClasses = groupOfNames
default objectClassesForCreate = groupOfNames
default searchBases =
PersonAccount entity type:
default searchFilter =
default objectClasses = inetOrgPerson
default objectClassesForCreate = inetOrgPerson
default searchBases =
Group entity type
federated.ldap.et.group.searchFilter
Description: This value specifies the search filter that you want to use to search the entity type. VMM uses this filter as an addition during search requests in your environment. The syntax is like a standard LDAP searchfilter. If this parameter is blank, WMM will formulate the filter as (&(uid=*)(objectClass=user))
Value: an LDAP search filter
Examples: federated.ldap.et.group.searchFilter=(objectclass=groupOfUniqueNames)
Default: no default
federated.ldap.et.group.objectClasses
Description: This value specifies one or more object classes (separated by ';') for the entity type.
Value: object classes
Examples: none available
Default: groupOfUniqueNames
federated.ldap.et.group.objectClassesForCreate
Description: This value specifies one or more object classes (separated by ';') to use when an entity type is created. If the value of this parameter is the same as the objectClass parameter, you do not need to specify this parameter.
Value: object classes
Examples: none available
Default: no default
federated.ldap.et.group.searchBases
Description: This value specifies the search base or bases to use while searching the entity type. Multiple search bases are separated by semicolon (";"). If search bases are not specified, then VMM will search under the nodes defined in nodeMaps tag. Therefore you can improve performance if you specify search bases, limiting or reducing the number of search bases. If this is a multiple virtual portal environment, the realm definition of the virtual portal overwrites the searchBase for the objectType. To keep virtual portals that do not have a realm assigned to them functional, keep the searchBase in sync with the nodes where you want your search to start.
Value: One or more search bases
Examples: federated.ldap.et.group.searchBases="cn=users1,dc=yourco,dc=com;cn=users2,dc=yourco,dc=com"
Default: no default
PersonAccount entity type
federated.ldap.et.personaccount.searchFilter
Description: The search filter that you want to use to search the entity type. WMM uses this filter as an addition during search requests in your environment. The syntax is like a standard LDAP searchfilter. If this parameter is blank, WMM will formulate the filter as (&(uid=*)(objectClass=user))
Value: LDAP search filter
Examples: federated.ldap.et.personaccount.searchFilter=(objectclass=inetOrgPerson)
Default: no default
federated.ldap.et.personaccount.objectClasses
Description: One or more object classes (separated by ';') for the entity type.
Value: object classes
Examples: none available
Default: inetorgperson
federated.ldap.et.personaccount.objectClassesForCreate
Description: One or more object classes (separated by ';') to use when an entity type is created. If the value of this parameter is the same as the objectClass parameter, you do not need to specify this parameter.
Value: object classes
Examples: none available
Default: no default
federated.ldap.et.personaccount.searchBases
Description: The search base or bases to use while searching the entity type. Multiple search bases are separated by semicolon (";"). If search bases are not specified, then WMM will search under the nodes defined in nodeMaps tag. Therefore you can improve performance if you specify search bases, limiting or reducing the number of search bases.
Value: object classes
Examples: federated.ldap.et.personaccount.searchBases=cn=users1,dc=yourco,dc=com;cn=users2,dc=yourco,dc=com
Default: no default
Group member attributes
federated.ldap.gm.groupMemberName
Description: The name of the LDAP attribute that is used as the group member attribute.
Value: group member attribute
Examples:
federated.ldap.gm.groupMemberName=uniqueMember
federated.ldap.gm.groupMemberName=Member
Default: uniqueMember
federated.ldap.gm.objectClass
Description: The group object class that contains the member attribute. If you do not define this parameter, the member attribute applies to all group object classes.
Value: none available
Examples:
federated.ldap.gm.objectClass=groupOfNames
federated.ldap.gm.objectClass=groupOfUniqueNames
Default: groupOfUniqueNames
federated.ldap.gm.scope
Description: The scope of the member attribute.
Value: The valid values for this parameter include the following:
direct - The member attribute only contains direct members.
nested - The member attribute that contains the direct members and the nested members.
Examples: federated.ldap.gm.scope=nested
Default: direct
federated.ldap.gm.dummyMember
Description: If you create a group without specifying a member, a dummy member will be filled in to avoid creating an exception about missing a mandatory attribute. For Active Directory, Sun One and Novell eDirectory servers, the value has to be empty or point to an existing entry in the LDAP directory.
Value: none available
Examples: none available
Default: uid=dummy
Advanced Properties for Group configuration
federated.ldap.gc.name
Description: The name of the membership attribute.
Value: none available
Examples:
Active Directory: federated.ldap.gc.name=memberOf
IBM Directory Server: federated.ldap.gc.name=ibm-allGroups
Default: no default
federated.ldap.gc.updateGroupMembership
Description: Updates the group membership if the member is deleted or renamed. Some LDAP servers, such as Domino server, do not clean up the membership of the user when a user is deleted or renamed. If you choose these LDAP server types in the ldapServerType property, the value of this parameter is set to true. Use this parameter to change the value.
Value: none available
Examples: none available
Default: false
federated.ldap.gc.scope
Description: The scope of the membership attribute.
Value: The valid values for this parameter include the following:
direct - The membership attribute only contains direct groups.
nested - The membership attribute that contains the direct groups and the nested groups.
all - The membership attribute contains direct groups, nested groups, and dynamic members.
Examples: federated.ldap.gc.scope=all
Default: direct
federated.ldap.adapterClassName
Description: The implementation class name for the repository adapter.
Value: class name
Examples: none available
Default: com.ibm.ws.wim.adapter.ldap.LdapAdapter
federated.ldap.supportSorting
Description: Indicates if sorting is supported or not.
Value: true false
Examples: none available
Default: false
federated.ldap.supportTransactions
Description: Indicates if transactions are supported or not.
Value: true false
Examples: none available
Default: false
federated.ldap.isExtIdUnique
Description: Specifies if the external ID is unique.
Value: true false
Examples: none available
Default: true
federated.ldap.supportExternalName
Description: Indicates if external names are supported or not.
Value: true false
Examples: none available
Default: false
federated.ldap.sslEnabled
Description: Specifies whether secure socket communication is enabled to the LDAP server. When enabled (true), the Secure Sockets Layer (SSL) settings for LDAP are used.
Value: true false
Examples: none available
Default: false
federated.ldap.sslConfiguration
Description: Specifies the name of the application server SSL configuration (such as mySSLconfig) to be used for SSL enabled LDAP server. Application Server SSL configuration names can be found in WebSphere Application Server Administrative console at Security-SSL certificate and key management. This property is used to specify a non default SSL configuration if federated.ldap.sslEnabled=true.
Value: none available
Examples: none available
Default: no default
federated.ldap.certificateMapMode
Description: Specifies whether to map X.509 certificates into a LDAP directory by exact distinguished name or certificate filter. Specify the certificate filter to use the specified filter for the mapping, if client certificate authentication is used for portal server.
Value: EXACT_DN, CERTIFICATE_FILTER
Examples: none available
Default: EXACT_DN
federated.ldap.certificateFilter
Description: The filter is used to map attributes in the client certificate to entries within the LDAP repository. Specifies the filter certificate mapping property for the LDAP filter, if client certificate authentication is used for portal server.
Value: The syntax or structure of this filter is: LDAP attribute=${Client certificate attribute}
Examples: federated.ldap.certificateFilter=uid=${SubjectCN}
Default: no default
federated.ldap.supportPaging
Description: Indicates if paging is supported or not.
Value: true false
Examples: none available
Default: false
federated.ldap.authentication
Description: Indicates the authentication method to use.
Value: Valid values include the following: none, strong, simple
Examples: none available
Default: simple
federated.ldap.loginProperties
Description: Indicates the property name used for login.
Value: none available
Examples: federated.ldap.loginProperties=cn
Default: uid
federated.ldap.referral
Description: The LDAP referral.
Value: Valid values include the following: ignore, follow, throw, or false.
Examples: none available
Default: ignore
federated.ldap.derefAliases
Description: Controls how aliases are dereferenced.
Value: Valid values include the following:
always - always dereference aliases
never - never dereference aliases
finding - dereference aliases only during name resolution
searching - dereference aliases only after name resolution
Examples: federated.ldap.derefAliases=never
Default: always
federated.ldap.connectionPool
Description: The connection pool.
Value: true false
Examples: none available
Default: false
federated.ldap.connectTimeout
Description: The connection timeout measured in seconds.
Value: numeric
Examples: none available
Default: 0
federated.ldap.primaryServerQueryTimeInterval
Description: Indicates the polling interval for testing the primary server availability. The value of this parameter is specified in minutes.
Value: numeric
Examples: none available
Default: 15
federated.ldap.returnToPrimaryServer
Description: Indicates to return to the primary LDAP server when it is available.
Value: true false
Examples: none available
Default: true
federated.ldap.searchPageSize
Description: The value of search page size. This is the number of entries per page.
Value: numeric
Examples: none available
Default: 50
federated.ldap.searchCountLimit
Description: The value of the search count limit.
Value: numeric
Examples: none available
Default: 500
federated.ldap.searchTimeLimit
Description: The value of the search time limit measured in milliseconds.
Value: numeric
Examples: none available
Default: 120000
federated.ldap.translateRDN
Description: Indicates to translate RDN or not. The default value is false.
Value: true false
Examples: none available
Default: false
federated.ldap.cp.maxPoolSize
Description: The maximum number of context instances that can be maintained concurrently by the context pool.
Value: numeric
Examples: none available
Default: 20
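The federated.ldap.* properties above interact: with the defaults listed on this page (sslEnabled=false, authentication=simple) a configured bindPassword travels to the LDAP server unencrypted, which is how an LDAP simple bind behaves without SSL. The following is an added example, not IBM code, that applies the page's defaults and allowed values to a set of properties and reports inconsistent or weak combinations; treating CERTIFICATE_FILTER without a certificateFilter as an error is an assumption of this example, and both sample configurations are constructed.

```python
# Added example (not IBM code). Sample configurations are constructed.
import re

P = "federated.ldap."

# Defaults and allowed values as listed on this page.
PAGE_DEFAULTS = {
    P + "port": "389",
    P + "sslEnabled": "false",
    P + "authentication": "simple",
    P + "certificateMapMode": "EXACT_DN",
    P + "referral": "ignore",
    P + "derefAliases": "always",
}
ALLOWED_VALUES = {
    "sslEnabled": {"true", "false"},
    "authentication": {"none", "strong", "simple"},
    "certificateMapMode": {"EXACT_DN", "CERTIFICATE_FILTER"},
    "referral": {"ignore", "follow", "throw", "false"},
    "derefAliases": {"always", "never", "finding", "searching"},
}
# Page syntax for the filter: LDAP attribute=${Client certificate attribute}
FILTER_SYNTAX = re.compile(r"[A-Za-z][A-Za-z0-9-]*=\$\{[A-Za-z0-9]+\}")
XML_SPECIALS = set("&<>\"'")


def audit_ldap(props):
    """Return [(property suffix, message)] for a dict of federated.ldap.* values."""
    cfg = {**PAGE_DEFAULTS, **props}

    def get(name):
        return cfg.get(P + name, "")

    findings = []
    for name, allowed in ALLOWED_VALUES.items():
        if get(name) not in allowed:
            findings.append((name, "value %r is not one of %s"
                             % (get(name), sorted(allowed))))

    if XML_SPECIALS & set(get("id")):
        findings.append(("id", "repository ID contains one of & < > \" '"))

    ssl = get("sslEnabled") == "true"
    if not ssl and get("authentication") == "simple" and get("bindPassword"):
        findings.append(("sslEnabled", "simple bind with a bindPassword while "
                         "SSL is off: the password is sent unencrypted"))
    if not ssl and get("sslConfiguration"):
        findings.append(("sslConfiguration",
                         "set, but only used when sslEnabled=true"))

    mode, cert_filter = get("certificateMapMode"), get("certificateFilter")
    if mode == "CERTIFICATE_FILTER" and not cert_filter:
        findings.append(("certificateFilter",
                         "empty although certificateMapMode=CERTIFICATE_FILTER"))
    elif cert_filter and not FILTER_SYNTAX.fullmatch(cert_filter):
        findings.append(("certificateFilter",
                         "does not match the attribute=${...} form"))
    return findings


WEAK = {
    P + "id": "corp<ldap>",
    P + "host": "ldap.example.com",
    P + "bindDN": "uid=wpsbind,cn=users,dc=yourco,dc=com",
    P + "bindPassword": "constructed-placeholder",
    P + "sslConfiguration": "mySSLconfig",
    P + "certificateMapMode": "CERTIFICATE_FILTER",
}
HARDENED = dict(WEAK, **{
    P + "id": "corpldap",
    P + "sslEnabled": "true",
    P + "certificateFilter": "uid=${SubjectCN}",
})

if __name__ == "__main__":
    for label, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, audit_ldap(cfg) or "no findings")
```

Because unset properties fall back to the page's defaults, a file that never mentions sslEnabled is audited as sslEnabled=false.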
Creating or updating a database
Database modification tasks of Virtual Member Manager need a connection to a running server instance. Please check that your server is running prior to executing these tasks.
federated.db.DataSourceName
Description: Specifies the JNDI name of the data source used to access the federated database domain.
Value: none available
Examples: none available
Default: vmmfeddbDS
federated.db.DbType
Description: The type of database to be used for the VMM Federated database domain. For information about supported values, check the wkplc_comp.properties file.
Value: Valid values include the following:
db2
oracle
sqlserver
db2_zos
db2_iseries
Examples: none available
Default: db2
federated.db.DbUrl
Description: The Federated domain database URL. For information about supported values, check the wkplc_comp.properties file.
Value: none available
Examples: none available
Default: jdbc:db2:vmmfeddb
federated.db.DbName
Description: The name of the VMM Federated database. This value should also appear as the database element in DbUrl. Please verify that you point to the same database.
Value: The TCPIP alias for the database
Examples: none available
Default: vmmfeddb
federated.db.id
Description: The ID specifies a unique identifier for the repository within the cell. Characters that are not allowed in normal XML strings ( & < > " ' ) cannot be used in the repository ID.
Value: none available
Examples: none available
Default: vmmDb
federated.db.baseDN
Description: The database base entry. This is the starting point under which all DB entities are stored. Verify the uniqueness of this string.
Value: string
Examples: none available
Default: no default
federated.db.DbUser
Description: The database administrator user ID.
Value: Alphanumeric text string
Examples: none available
Default: db2admin
federated.db.DbPassword
Description: The database administrator password.
Value: none available
Examples: none available
Default: no default
Advanced Database Properties
federated.db.JdbcProviderName
Description: The name of the JDBC provider to be used. Keep la.JdbcProviderName in sync for the same database type; la.JdbcProviderName and federated.db.JdbcProviderName must be different for different database types.
Value: none available
Examples: none available
Default: vmmdbJDBC
federated.db.DbSchema
Description: The VMM Federated domain database schema name. Follow the documentation of the target database management system in order to define a valid schema name as restrictions apply for some database management systems.
Value: none available
Examples: none available
Default: federate
federated.db.DbNameOnZos
Description: Required for DB2 for z/OS and OS/390 only. If running db2_zos as remote database, the name of the remote VMM federated database. If portal is running on z/OS with db2_zos, must be set equal to DbName.
Value: Alphanumeric text string
Examples: none available
Default: WPSTST02
federated.db.XDbName
Description: TCPIP Alias for the database. This property is only required for non-Windows platforms when using DB2 with Type 2 drivers. If you are using Type 4 drivers, this value is not used. It defines the federated database alias that needs to be set if you want to call create-database JDBC driver. The database loop back alias that needs to be set if you plan to use the create-local-database-db2 task. The value must be different from the value of dbdomain.DbName. The values for dbdomain.DbName and dbdomain.XDbName must be different in the wpconfig_dbdomain.properties file. For DB2® Content Manager Runtime Edition, this property is the database for tables.
Value: Alphanumeric text string
Examples:
The following example is for Release, Community, Customization, WMM, and the JCR: federated.db.XDbName=wps6TCP
The following example is for Feedback: federated.db.XDbName=fdbk6TCP
The following example is for LikeMinds: federated.db.XDbName=lmdb6TCP
Default: wps6TCP
federated.db.DbNode
Description: Required for non-Windows platforms when using DB2 only. This value is the node for the VMM federated domain database and needs to be set if you want to call create-database.
Value: Alphanumeric text string
Examples: The following example is for Release, Community, Customization, JCR, and VMM databases: federated.db.DbNode=wpsNode
The following example is for Feedback and LikeMinds databases: federated.db.DbNode=pznNode
Default: wpsNode
federated.db.DbStorageGroup
Description: Required for DB2 for z/OS and OS/390 only. The storage group for the VMM federated database.
Value: none available
Examples: none available
Default: WPSSG
federated.db.DbVolumes
Description: Required for DB2 for z/OS and OS/390 only. The volumes for the VMM federated database.
Value: none available
Examples: none available
Default: *
federated.db.DbVcat
Description: Required for DB2 for z/OS and OS/390 only. The VCAT for the VMM federated database.
Value: none available
Examples: none available
Default: DSN810
federated.db.Db4KBufferPoolName
Description: Required for DB2 for z/OS and OS/390 only. The 4K bufferpool name for the VMM federated database.
Value: none available
Examples: none available
Default: BP0
federated.db.Db32KBufferPoolName
Description: Required for DB2 for z/OS and OS/390 only. The 32K bufferpool name for the VMM federated database.
Value: none available
Examples: none available
Default: BP32K
Setting up database tables
federated.db.reportSqlError
Description: Specifies whether to report SQL errors while setting up databases.
Value: true false
Examples: none available
Default: true
federated.db.saltLength
Description: The length of the salt which is used when hashing passwords stored in the Member Manager database repository.
Value: numeric
Examples: none available
Default: 12
federated.db.encryption
Description:
Value: none available
Examples: none available
Default: rZ15ws0ely9yHk3zCs3sTMv/ho8fY17s
federated.db.adapterClassName
Description: The implementation class name for the repository adapter.
Value: none available
Examples: none available
Default: com.ibm.ws.wim.adapter.db.DBAdapter
federated.db.supportSorting
Description: Indicates if sorting is supported or not.
Value: true false
Examples: none available
Default: false
federated.db.supportTransactions
Description: Indicates if transactions are supported or not.
Value: true false
Examples: none available
Default: false
federated.db.isExtIdUnique
Description: Specifies if the external ID is unique.
Value: true false
Examples: none available
Default: true
federated.db.supportExternalName
Description: Indicates if external names are supported or not.
Value: true false
Examples: none available
Default: false
federated.db.entityRetrievalLimit
Description: Specifies the maximum number of entities that the system can retrieve from the database with a single database query.
Value: numeric
Examples: none available
Default: 50
Federated Custom User Registry Properties
federated.cur.id
Description: The id specifies a unique identifier for the repository within the cell. Characters that are not allowed in normal XML strings ( & < > " ' ) cannot be used in the repository ID.
Value: string
Examples: none available
Default: no default
federated.cur.adapterClassName
Description: The implementation class name for the repository adapter.
Value: none available
Examples: none available
Default: true no default
federated.cur.baseDN
Description: The CUR base entry.
Value: none available
Examples: none available
Default: no default
federated.cur.isExtIdUnique
Description: Specifies if the external ID is unique.
Value: true false
Examples: none available
Default: true
federated.cur.supportExternalName
Description: Indicates if external names are supported or not.
Value: true false
Examples: none available
Default: false
federated.cur.supportPaging
Description: Indicates if paging is supported or not.
Value: true false
Examples: none available
Default: false
federated.cur.supportSorting
Description: Indicates if sorting is supported or not.
Value: true false
Examples: none available
Default: false
federated.cur.supportTransactions
Description: Indicates if transactions are supported or not.
Value: true false
Examples: none available
Default: false
VMM Federated CUR Custom property
cur.id
Description: The ID of the repository, where the custom property will be created.
Value: none available
Examples: none available
Default: no default
cur.name
Description: The name of the custom property.
Value: none available
Examples: none available
Default: no default
cur.value
Description: The value of the custom property.
Value: none available
Examples: none available
Default: no default
VMM Federated repository properties
federated.primaryAdminId
Description: The ID of the WAS administrative user. The ID must exist in a user repository.
Value: none available
Examples:
IBM Directory Server: federated.primaryAdminId={ uid=,cn=users,dc=yourco,dc=com }
Domino: federated.primaryAdminId={ cn=,o=yourco.com }
Active Directory: federated.primaryAdminId={ cn=,cn=users,dc=yourco,dc=com }
SunOne: federated.primaryAdminId={ uid=,ou=people,o=yourco.com }
Novell eDirectory: federated.primaryAdminId= { uid=,ou=people,o=yourco.com }
Default: xyzadmin
federated.realm
Description: The realm name to be used. The existing default realm will be renamed.
Value: none available
Examples: none available
Default: no default
federated.serverId
federated.serverPassword
Description: Specifies a user ID and password in the repository that is used for internal process communication.
Value: none available
Examples: Examples are provided for LDAP:
IBM Directory Server: federated.serverId={ uid=,cn=users,dc=yourco,dc=com }
Domino: federated.serverId={ cn=,o=yourco.com }
Active Directory: federated.serverId={ cn=,cn=users,dc=yourco,dc=com }
Active Directory AM: federated.serverId={ cn=,cn=users,dc=yourco,dc=com }
SunOne: federated.serverId={ uid=,ou=people,o=yourco.com }
Novell eDirectory: federated.serverId={ uid=,ou=people,o=yourco.com }
Default: no default
Advanced Properties
federated.registryClassName
Description: The registry class name.
Value: none available
Examples: none available
Default: com.ibm.ws.wim.registry.WIMUserRegistry
federated.ignoreCase
Description: Specifies whether case is ignored when matching queries. If this is set to false, WebSphere Application Server security compares DNs case-sensitively.
Value: true false
Examples: none available
Default: true
LDAP attribute configuration
federated.ldap.attributes.nonSupported
Description: Comma-separated list of attributes that will be added to or removed from the list of nonsupported attributes.
Value: none available
Examples: none available
Default: no default
federated.ldap.attributes.nonSupported.delete
Description: If true, the attributes in federated.ldap.nonSupported will be deleted from the list of nonsupported attributes; otherwise they will be added.
Value: none available
Examples: none available
Default: no default
Use the following properties to add an attribute mapping between the Portal attribute name and the LDAP attribute name:
federated.ldap.attributes.mapping.ldapName
Description: The name of the attribute in LDAP
Value: none available
Examples: none available
Default: no default
federated.ldap.attributes.mapping.portalName
Description: The name of the attribute in portal
Value: none available
Examples: none available
Default: no default
federated.ldap.attributes.mapping.entityTypes
Description: List of entityTypes the mapping should be applied to.
Value: none available
Examples: none available
Default: PersonAccount,Group
VMM Delete federated repository properties
federated.delete.baseentry
Description: The name of the base entry to be deleted from the default realm. If the base entry exists in other realms, it has to be deleted manually first. Leave this empty only if you want to delete the property extension repository.
Value: none available
Examples: none available
Default: no default
federated.delete.id
Description: The ID of the repository to be deleted from the VMM configuration. This parameter must be set to LA if you want to delete the property extension repository.
Value: none available
Examples: none available
Default: no default
Stand alone Security Properties
Setting up an LDAP
standalone.ldap.id
Description: The id specifies a unique identifier for the repository within the cell. Characters that are not allowed in normal XML strings ( & < > " ' ) cannot be used in the repository ID.
Value: string
Examples: none available
Default: no default
standalone.ldap.host
Description: Specifies the host name of the primary LDAP server. This host name is either an IP address or a domain name service (DNS) name.
Value: none available
Examples: none available
Default: no default
standalone.ldap.port
Description: Specifies the LDAP server port.
Value: none available
Examples: none available
Default: no default
standalone.ldap.bindDN
Description: Specifies the distinguished name for the application server to use when binding to the LDAP repository.
Value: none available
Examples: none available
Default: no default
standalone.ldap.bindPassword
Description: Specifies the password for the application server to use when binding to the LDAP repository.
Value: none available
Examples: none available
Default: no default
standalone.ldap.ldapServerType
Description: Specifies the type of LDAP server to which you connect
Value:
For WebSphere Application Server 6.1, it must be one of the following:
SECUREWAY,IDS4,IDS51,IDS52,IDS6,ZOSDS,DOMINO5,DOMINO6,DOMINO65,DOMINO7,NDS,SUNONE,AD2000,AD2003,ADAM,CUSTOM
For ActiveDirectory 2008 use AD2003
For WebSphere Application Server 7.0, it must be one of the following: IDS, ZOSDS, DOMINO, NDS, SUNONE, AD, ADAM, CUSTOM
Examples: none available
Default: no default
standalone.ldap.userIdMap
Description: Specifies the LDAP filter that maps the short name of a user to an LDAP entry. This value is not used during node federation to DMGR with WebSphere Application Server LDAP security enabled.
Value: This value can be multiple objectclass:property pairs delimited by a semicolon (;).
Examples: The following example displays entries of the inetOrgPerson object class by their IDs: standalone.ldap.userIdMap=inetOrgPerson:uid
Default: no default
standalone.ldap.groupIdMap
Description: Specifies the LDAP filter that maps the short name of a group to an LDAP entry. Specifies the piece of information that represents groups when groups display. Use the asterisk (*) as a wildcard character that searches on any object class in this case. This value is not used during node federation to DMGR with WebSphere Application Server LDAP security enabled.
Value: This value can be multiple objectclass:property pairs, delimited by a semicolon (;).
Examples: The following example displays groups by their names: standalone.ldap.groupIdMap=*:cn
Default: no default
standalone.ldap.groupMemberIdMap
Description: Specifies the LDAP filter that identifies user-to-group relationships. Specifies which property of an objectclass stores the list of members belonging to the group represented by the objectclass. This value is not used during node federation to DMGR with WebSphere Application Server LDAP security enabled.
Value: For SecureWay and Domino, this value can be multiple objectclass:property pairs, delimited by a semicolon (;).
For IBM Directory Server, Sun ONE, and Active Directory, this value can be multiple group attribute:member attribute pairs delimited by a semicolon (;).
Examples: none available
Default: no default
standalone.ldap.userFilter
Description: Specifies the LDAP user filter that searches the user registry for users. This value is not used during node federation to DMGR with WebSphere Application Server LDAP security enabled.
Value: none available
Examples: The following example would be used to look up users based on their user IDs: standalone.ldap.userFilter=(&(uid=%v)(objectclass=inetOrgPerson))
Default: no default
standalone.ldap.groupFilter
Description: Specifies the LDAP group filter that searches the user registry for groups. This value is not used during node federation to DMGR with WebSphere Application Server LDAP security enabled.
Value: none available
Examples: none available
Default: no default
standalone.ldap.serverId
standalone.ldap.serverPassword
Description: Specifies a user ID and password in the repository that is used for internal process communication. This value is not used during node federation to DMGR with WebSphere Application Server LDAP security enabled.
Value: none available
Examples: none available
Default: no default
standalone.ldap.realm
Description: The security context of this server. A realm with this name will be created.
Value: none available
Examples: none available
Default: no default
standalone.ldap.primaryAdminId
standalone.ldap.primaryAdminPassword
Description: The ID and password of the WebSphere Application Server administrative user. The ID must exist in the LDAP server.
Value: none available
Examples: none available
Default: no default
standalone.ldap.primaryPortalAdminId
standalone.ldap.primaryPortalAdminPassword
Description: The ID of the WebSphere Portal administrative user. The ID must exist in the LDAP server.
Value: none available
Examples: none available
Default: no default
standalone.ldap.primaryPortalAdminGroup
Description: The user group with administrative permission in portal. The group must exist in the LDAP server.
Value: none available
Examples: none available
Default: no default
standalone.ldap.baseDN
Description: The LDAP base entry. This is the start point for all LDAP searches of WebSphere Application Server security.
Value: none available
Examples: none available
Default: no default
Entity type Group
standalone.ldap.et.group.searchFilter
Description: The search filter that you want to use to search the entity type. VMM uses this filter as an addition during search requests in your environment. This value can be left blank. If you leave the value blank, no additional filter is applied and the other VMM configuration is used.
Value: The syntax is like a standard LDAP search filter.
Examples: standalone.ldap.et.group.searchFilter=(objectclass=groupOfUniqueNames)
Default: no default
standalone.ldap.et.group.objectClasses
Description: This value specifies one or more object classes (separated by ';') for the group entity type.
Value: One or more object classes (separated by ';')
Examples: none available
Default: groupOfUniqueNames
standalone.ldap.et.group.objectClassesForCreate
Description: The object classes separated by a semi-colon (;) to use when an entity type is created. If the value of this parameter is the same as the objectClass parameter, you do not need to specify this parameter.
Value: none available
Examples: none available
Default: no default
standalone.ldap.et.group.searchBases
Description: The search base or bases to use while searching the entity type.
Value: none available
Examples: none available
Default: no default
Entity type PersonAccount
standalone.ldap.et.personaccount.searchFilter
Description: The search filter that you want to use to search the entity type. VMM uses this filter as an addition during search requests in your environment. This value can be left blank.
Value: The syntax is like a standard LDAP search filter.
Examples: standalone.ldap.et.personaccount.searchFilter=(objectclass=inetorgperson)
Default: no default
standalone.ldap.et.personaccount.objectClasses
Description: This value should match the objectclass used in your LDAP for type User.
Value: One or more object classes, separated by a semi-colon (;) for the entity type.
Examples: none available
Default: inetorgperson
standalone.ldap.et.personaccount.objectClassesForCreate
Description: The object classes, separated by a semi-colon (;), to use when an entity type is created. If the value of this parameter is the same as the objectClass parameter, you do not need to specify this parameter.
Value: none available
Examples: none available
Default: no default
standalone.ldap.et.personaccount.searchBases
Description: The search base or bases to use while searching the entity type.
Value: none available
Examples: none available
Default: no default
Group member attributes
standalone.ldap.gm.groupMemberName
Description: The name of the LDAP attribute that is used as the group member attribute.
Value: none available
Examples: none available
Default: uniqueMember
standalone.ldap.gm.objectClass
Description: The group object class that contains the member attribute. If you do not define this parameter, the member attribute applies to all group object classes.
Value: none available
Examples:
standalone.ldap.gm.objectClass=groupOfUniqueNames
standalone.ldap.gm.objectClass=groupNames
Default: groupOfUniqueNames
standalone.ldap.gm.scope
Description: The scope of the member attribute.
Value: Valid values include one of the following:
direct - The member attribute only contains direct members.
nested - The member attribute contains the direct members and the nested members.
Examples: none available
Default: direct
standalone.ldap.gm.dummyMember
Description: If you create a group without specifying a member, a dummy member will be filled in to avoid creating an exception about missing a mandatory attribute. With Active Directory, Sun One and Novell eDirectory, the value has to be empty or point to an existing entry in the LDAP directory.
Value: none available
Examples: none available
Default: uid=dummy
standalone.ldap.personAccountParent
Description: The default parent to be set for the entity type PersonAccount
Value: none available
Examples: none available
Default: no default
standalone.ldap.groupParent
Description: The default parent to be set for the entity type Group
Value: none available
Examples: none available
Default: no default
standalone.ldap.personAccountRdnProperties
Description: The RDN attribute name for the entity type PersonAccount. To reset all the values of the rdnProperties parameter, specify a blank string ("").
Value: string
Examples: none available
Default: uid
standalone.ldap.groupRdnProperties
Description: The RDN attribute name for the entity type Group. To reset all the values of the rdnProperties parameter, specify a blank string ("").
Value: string
Examples: none available
Default: cn
Advanced Properties for Group configuration
standalone.ldap.gc.name
Description: The name of the membership attribute.
Value: none available
Examples:
Active Directory: standalone.ldap.gc.name=memberOf
IBM Directory Server: standalone.ldap.gc.name=ibm-allGroups
Default: no default
standalone.ldap.gc.updateGroupMembership
Description: Updates the group membership if the member is deleted or renamed. Some LDAP servers, for example, Domino server, do not clean up the membership of the user when a user is deleted or renamed. If you choose these LDAP server types in the ldapServerType property, the value of this parameter is set to true. Use this parameter to change the value. The default value is false.
Value: true false
Examples: none available
Default: false
standalone.ldap.gc.scope
Description: The scope of the membership attribute.
Value: The valid values for this parameter include the following:
direct - The membership attribute only contains direct groups.
nested - The membership attribute contains the direct groups and the nested groups.
all - The membership attribute contains direct groups, nested groups, and dynamic members.
Examples: none available
Default: direct
standalone.ldap.derefAliases
Description: Controls how aliases are dereferenced.
Value: Valid values include:
always - always dereference aliases
never - never dereference aliases
finding - dereference aliases only during name resolution
searching - dereference aliases only after name resolution
Examples: none available
Default: always
standalone.ldap.authentication
Description: Indicates the authentication method to use.
Value: Valid values include:
none - Use no authentication (anonymous)
simple - Use weak authentication (clear text password)
strong - Use a token based authentication mechanism
Examples: none available
Default: simple
standalone.ldap.referral
Description: The LDAP referral.
Value: Valid values include:
follow - JNDI will automatically follow the referral link (to a different server)
ignore - JNDI will ignore the referral link
throw - A referral link will be seen as an error condition and an exception will be thrown by the underlying system
Examples: none available
Default: ignore
standalone.ldap.delimiter
Description: Specifies the delimiter used for this realm.
Value: Enter any value but do not leave this field blank.
Examples: none available
Default: /
standalone.ldap.ignoreCase
Description: Specifies whether case is ignored when matching queries. This value is not used during node federation to DMGR with WebSphere Application Server when LDAP security is enabled.
Value: true false
Examples: none available
Default: true
standalone.ldap.sslEnabled
Description: Specifies whether secure socket communication is enabled to the LDAP server. When set to true, the Secure Sockets Layer (SSL) settings for the LDAP server are used.
Value: true false
Examples:
Default: false
standalone.ldap.sslConfiguration
Description: Specifies the name of the application server SSL configuration to be used for an SSL-enabled LDAP server. This property is used to specify a non-default SSL configuration if standalone.ldap.sslEnabled=true is set.
Value: none available
Examples: MySSLSettings
Default: no default
standalone.ldap.certificateMapMode
Description: Specifies whether to map X.509 certificates into an LDAP directory by exact distinguished name or certificate filter. Specify the certificate filter to use the specified filter for the mapping, if client certificate authentication is used for portal server.
Value: Valid values include: EXACT_DN, CERTIFICATE_FILTER
Examples: none available
Default: EXACT_DN
standalone.ldap.certificateFilter
Description: Specifies the filter certificate mapping property for the LDAP filter, if client certificate authentication is used for portal server. The filter is used to map attributes in the client certificate to entries within the LDAP repository.
Value: none available
Examples: none available
Default: no default
standalone.ldap.reuseConnection
Description: Should be set to true by default to reuse the LDAP connection. This value is not used during node federation to DMGR with WebSphere Application Server when LDAP security is enabled.
Value: true false
Examples: none available
Default: true
standalone.ldap.searchTimeLimit
Description: Specifies the timeout value in milliseconds for an LDAP server to respond before aborting a request.
Value: numeric
Examples: none available
Default: 120000
standalone.ldap.connectionPool
Description: Defines if VMM will enable the ConnectionPool
Value: true false
Examples: none available
Default: false
standalone.ldap.supportSorting
Description: Indicates if sorting is supported or not.
Value: true false
Examples: none available
Default: false
standalone.ldap.supportPaging
Description: Indicates if paging is supported or not.
Value: true false
Examples: none available
Default: false
standalone.ldap.supportTransactions
Description: Indicates if transactions are supported or not.
Value: true false
Examples: none available
Default: false
standalone.ldap.isExtIdUnique
Description: Specifies if the external ID is unique.
Value: true false
Examples: none available
Default: true
standalone.ldap.supportExternalName
Description: Indicates if external names are supported or not.
Value: true false
Examples: none available
Default: false
standalone.ldap.translateRDN
Description: Indicates whether to translate the RDN.
Value: true false
Examples: none available
Default: false
standalone.ldap.searchCountLimit
Description: The value of the search count limit.
Value: numeric
Examples: none available
Default: 500
standalone.ldap.searchPageSize
Description: The value of search page size.
Value: numeric
Examples: none available
Default: no default
standalone.ldap.returnToPrimaryServer
Description: Indicates whether to return to the primary LDAP server when it is available.
Value: true false
Examples: none available
Default: true
standalone.ldap.primaryServerQueryTimeInterval
Description: Indicates the polling interval for testing the primary server availability. The value of this parameter is specified in minutes.
Value: numeric
Examples: none available
Default: 15
standalone.ldap.loginProperties
Description: Indicates the property name used for login.
Value: none available
Examples: none available
Default: uid
standalone.ldap.cp.maxPoolSize
Description: The maximum number of context instances that can be maintained concurrently by the context pool.
Value: numeric
Examples: none available
Default: 20
LDAP attribute configuration
standalone.ldap.attributes.nonSupported
Description: Comma-separated list of attributes that will be added to or removed from the list of attributes that are not supported.
Value: none available
Examples: none available
Default: no default
standalone.ldap.attributes.nonSupported.delete
Description: If the value is true, the attributes in federated.ldap.nonSupported will be deleted from the list of attributes that are not supported. If the value is set to false, the attributes will be added to the list of attributes that are not supported.
Value: true false
Examples: none available
Default: no default
Use the following properties to add an attribute mapping between the Portal attribute name and the LDAP attribute name:
standalone.ldap.attributes.mapping.ldapName
Description: The name of the attribute in LDAP
Value: none available
Examples: none available
Default: no default
standalone.ldap.attributes.mapping.portalName
Description: The name of the attribute in portal
Value: none available
Examples: none available
Default: no default
standalone.ldap.attributes.mapping.entityTypes
Description: A comma separated list of entityTypes that the mapping should be applied to.
Value: none available
Examples: none available
Default: PersonAccount,Group
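An added example (not IBM's code and not part of the original reference): a Python check that reads standalone.ldap.* entries in the key=value form this document describes, applies the defaults and valid values listed in the entries above, and reports settings worth reviewing, such as the default pairing of authentication=simple with sslEnabled=false. The sample file, host name, finding codes and function names are constructed for illustration, and the parser handles only plain key=value lines.

```python
"""Review standalone.ldap.* settings in a wkplc.properties-style file."""

P = "standalone.ldap."

# property: (valid values, default), copied from the reference entries above
ENUMS = {
    P + "authentication": ({"none", "simple", "strong"}, "simple"),
    P + "sslEnabled": ({"true", "false"}, "false"),
    P + "referral": ({"follow", "ignore", "throw"}, "ignore"),
    P + "derefAliases": ({"always", "never", "finding", "searching"}, "always"),
    P + "certificateMapMode": ({"EXACT_DN", "CERTIFICATE_FILTER"}, "EXACT_DN"),
}

# Constructed sample for this example; not taken from a real system.
SAMPLE = """\
# LDAP settings (constructed)
standalone.ldap.host=ldap.example.com
standalone.ldap.port=389
standalone.ldap.bindDN=uid=wpsbind,cn=users,dc=example,dc=com
standalone.ldap.bindPassword=ExamplePassw0rd
standalone.ldap.realm="exampleRealm"
standalone.ldap.referral=follow
standalone.ldap.derefAliases=sometimes
"""


def parse_properties(text):
    """Return {key: value} for key=value lines; '#' and '!' start comments."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        # Split on the first '=' only, so DN values keep their own '=' signs.
        key, sep, value = line.partition("=")
        if sep:
            props[key.strip()] = value.strip()
    return props


def audit(props):
    """Return a list of (code, key, message) findings for review."""
    findings = []

    for key, value in props.items():
        # The general notes for this file say values must not be quoted.
        if len(value) >= 2 and value[0] == value[-1] and value[0] in "\"'":
            findings.append(("QUOTED_VALUE", key, "value is enclosed in quotes"))
        # Report the key only; never echo the secret itself.
        if key.endswith("Password") and value:
            findings.append(
                ("PASSWORD_IN_FILE", key, "password stored in the properties file")
            )

    effective = {}
    for key, (valid, default) in ENUMS.items():
        value = props.get(key) or default  # unset or empty falls back to default
        if value not in valid:
            findings.append(
                ("INVALID_VALUE", key, f"{value!r} is not one of {sorted(valid)}")
            )
        effective[key] = value

    # Transport checks only make sense once an LDAP host is configured.
    if props.get(P + "host"):
        auth = effective[P + "authentication"]
        if auth == "none":
            findings.append(
                ("ANONYMOUS_BIND", P + "authentication", "anonymous bind is configured")
            )
        if auth == "simple" and effective[P + "sslEnabled"] == "false":
            findings.append(
                ("CLEARTEXT_BIND", P + "sslEnabled",
                 "simple bind without SSL sends the bind password in clear text")
            )
        if effective[P + "referral"] == "follow":
            findings.append(
                ("FOLLOW_REFERRAL", P + "referral",
                 "referrals to other servers are followed automatically")
            )
    return findings


if __name__ == "__main__":
    for code, key, message in audit(parse_properties(SAMPLE)):
        print(f"{code:17} {key}: {message}")
```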
Stand alone Custom User Registry configuration
standalone.cur.id
Description: The id specifies a unique identifier for the repository within the cell. Characters that are not allowed in normal XML strings ( & < > " ' ) cannot be used in the repository ID.
Value: string
Examples: none available
Default: testCur
standalone.cur.baseDN
Description: The custom user registry base entry.
Value: none available
Examples: none available
Default: no default
standalone.cur.realm
Description: The security context of this server.
Value: none available
Examples: none available
Default: no default
standalone.cur.delimiter
Description: Specifies the delimiter used for this realm.
Value: none available
Examples: none available
Default: /
standalone.cur.adapterClassName
Description: The implementation class name for the VMM repository adapter.
Value: none available
Examples: none available
Default: no default
standalone.cur.WasAdapterClassName
Description: The implementation class name for the WebSphere custom user registry adapter.
Value: none available
Examples: none available
Default: no default
standalone.cur.propertyName
standalone.cur.propertyValue
Description: A custom property name-value pair. A custom property will only be added if the standalone.cur.propertyName is defined.
Value: none available
Examples: none available
Default: no default
standalone.cur.primaryAdminId
standalone.cur.primaryAdminPassword
Description: The ID and password of the WAS administrative user. The ID must exist in the custom user registry.
Value: none available
Examples: none available
Default: no defaults
standalone.cur.primaryPortalAdminId
standalone.cur.primaryPortalAdminPassword
Description: The user ID and password of the portal administrative user. The ID must exist in the custom user registry.
Value: none available
Examples: none available
Default: no defaults
standalone.cur.primaryPortalAdminGroup
Description: The ID of the portal administrative user group. The group must exist in the custom user registry.
Value: none available
Examples: none available
Default: no default
standalone.cur.personAccountParent
standalone.cur.groupParent
Description: The default parents to be set for the entity types PersonAccount and Group
Value: none available
Examples: none available
Default: no default
standalone.cur.personAccountRdnProperties
Description: The RDN attribute name for the entity type PersonAccount. To reset all the values of the rdnProperties parameter, specify a blank string ("").
Value: string
Examples: none available
Default: uid
standalone.cur.groupRdnProperties
Description: The RDN attribute name for the entity type Group. To reset all the values of the rdnProperties parameter, specify a blank string ("").
Value: string
Examples: none available
Default: cn
standalone.cur.isExtIdUnique
Description: Specifies if the external ID is unique.
Value: true false
Examples: none available
Default: true
standalone.cur.supportExternalName
Description: Indicates if external names are supported or not.
Value: true false
Examples: none available
Default: false
standalone.cur.supportPaging
Description: Indicates if paging is supported or not.
Value: true false
Examples: none available
Default: false
standalone.cur.supportSorting
Description: Indicates if sorting is supported or not
Value: true false
Examples: none available
Default: false
standalone.cur.supportTransactions
Description: Indicates if transactions are supported or not.
Value: true false
Examples: none available
Default: false
VMM Property Extension Properties
la.JdbcProviderName
Description: The name of the JDBC provider that portal uses to communicate with its databases. To keep federated.db.JdbcProviderName in sync for the same database type, la.JdbcProviderName and federated.db.JdbcProviderName must be different for different database types.
Value: Alphanumeric text string
Examples: none available
Default: vmmdbJDBC
la.DbType
Description: The type of database to be used for VMM property extension database domain.
Value: Valid values include the following:
db2
oracle
sqlserver
sqlserver2005
db2_iseries
db2_zos
Examples: none available
Default: db2
la.DbUrl
Description: The VMM property extension database domain URL.
Value: Valid values include:
Examples:
Default: jdbc:db2:vmmladb
la.DbName
Description: The name of the VMM property extension database. This value should also appear as the database element in DbUrl. Verify that you point to the same database. For non-Windows platforms when using DB2, this value is the TCPIP Alias for the database. For DB2 and DB2 for z/OS, this value cannot exceed 8 characters and can only contain letters and numbers. Refer to your database documentation for more information. For DB2, this value must be different from the value of dbdomain.XDbName.
If you change the name of the WebSphere Portal data source due to a database migration, you must manually update this property in the portal_server_root/config/wpconfig_dbdomain.properties file to maintain the proper resource reference mapping.
Value: Alphanumeric text string
Examples: Recommended value for all domains:
- Release: release
- Community: comm
- Customization: cust
- JCR: jcrdb
- VMM: vmmdb
- Feedback: fdbkdb
- LikeMinds: lmdb
Default: vmmladb
la.DataSourceName
Description: The name of the data source to be used for the VMM Federated DB domain.
Value: Alphanumeric text string
Examples: none available
Default: vmmladbDS
la.DbUser
Description: The database administrator user ID. This value is specific to DB2.
Value: Alphanumeric text string
Examples: none available
Default: db2admin
la.DbPassword
Description: The database administrator password
Value: Alphanumeric text string
Examples: none available
Default: no default
Advanced Properties
la.DbSchema
Description: The VMM property extension database domain database schema name. Follow the documentation of the target database management system in order to define a valid schema name as restrictions apply for some database management systems.
Value: none available
Examples: none available
Default: federate
la.DbNameOnZos
Description: Required for DB2 for z/OS and OS/390 only. If you are running DB2 for z/OS as a remote database, this value is the name of the remote VMM property extension database. If portal is running on z/OS and DB2 for z/OS is on the same server, this value must be set equal to the DbName value.
Value: none available
Examples: none available
Default: WPSTST02
la.XDbName
Description: Required for Non-Windows platforms when using DB2 locally (on the same server) and DB2 is using the Type 2 JDBC driver. The VMM property extension database alias that needs to be set if you want to use the create-database task.
Value: none available
Examples: none available
Default: wps6TCP
la.DbNode
Description: Required for Non-Windows platforms when using DB2 only. This value is the node for the VMM property extension domain database and needs to be set if you want to use the create-database task.
Value: none available
Examples: none available
Default: wpsNode
la.DbStorageGroup
Description: Required for DB2 for z/OS and OS/390 only. The storage group for the VMM property extension database for the Web Content Management JCR.
Value: none available
Examples: none available
Default: WPSSG
la.DbVolumes
Description: Required for DB2 for z/OS and OS/390 only. The volumes for the VMM lookaside database
Value: none available
Examples: none available
Default: *
la.DbVcat
Description: Required for DB2 for z/OS and OS/390 only. The VCAT for the VMM property extension database.
Value: none available
Examples: none available
Default: DSN810
la.Db4KBufferPoolName
Description: Required for DB2 for z/OS and OS/390 only. The 4K bufferpool name for the VMM property extension database
Value: none available
Examples: none available
Default: BP0
la.Db32KBufferPoolName
Description: Required for DB2 for z/OS and OS/390 only. The 32K bufferpool name for the VMM property extension database
Value: none available
Examples: none available
Default: BP32K
Create property extension tables
la.reportSqlError
Description: Specifies whether to report SQL errors while setting up databases.
Value: true false
Examples: none available
Default: true
la.entityRetrievalLimit
Description: Specifies the maximum number of entities that the system can retrieve from the database with a single database query.
Value: numeric
Examples: none available
Default: 50
la.providerURL
Description: Provider URL. This defines the remote endpoint where your portal server or Deployment Manager installation is available. Check the value for localhost:port. The port should point to the bootstrap port of WebSphere_Portal or Deployment Manager. Deployment Manager is used in a cluster environment.
Value: none available
Examples: corbaloc:iiop:dmgr.example.com:9809
Default: corbaloc:iiop:localhost:10031
la.propertyName
Description: Name of the property to be added.
Value: Alphanumeric text string
Examples: email, dept
Default: no default
la.entityTypes
Description: A list of entity types to which the new property applies.
Value: Valid values include:
PersonAccount
Group
PersonAccount,Group
Examples: none available
Default: no default
la.dataType
Description:
Value: String
Examples: la.dataType=string
Default: no default
la.multiValued
Description: Defines if the property can contain multiple attributes or not
Value: true false
Examples: none available
Default: no default
repositoryId
Description: This value is only used for the wp-add-property task. Adding a property to VMM configuration of a repository does not add the property to the LDAP system.
Value: List of repositories that the new property will be added to. The list of repositories must be separated by a comma. Leave the value blank to add the property to all repositories.
Examples: none available
Default: no default
VMM LDAP entity type configuration
et.ldap.id
Description: This value specifies the LDAP server ID.
Value: String
Examples: myLDAPServer
Default: no default
et.entityTypeName
Description: This value specifies the name of the entity type to be created/updated/deleted
Value: Valid Input values are Group or PersonAccount
Examples: none available
Default: no default
et.objectClass
Description: This value specifies a semi-colon (;) delimited list of object classes to be added.
Value: String
Examples: groupOfUniqueNames
Default: no default
et.searchFilter
Description: This value specifies the search filter that you want to use to search the entity type.
Value: string
Examples: A filter such as departmentNumber=1234 restricts valid search results to objects with that department number.
Default: no default
et.objectClassesForCreate
Description: This value specifies a semi-colon (;) delimited list of object classes to use when an entity type is created. If the value of this parameter is the same as the objectClass parameter, you do not need to specify this parameter.
Value: string
Examples: groupOfUniqueNames
Default: no default
et.searchBases
Description: This value specifies the search base or bases to use while searching the entity type.
Value: string
Examples: o=foo,o=bar
Default: no default
et.rdnName
Description: This value specifies additional attributes for the wp-add-ldap-entitytype-rdn task. The attribute name that is used to build the relative distinguished name (RDN) for the entity type.
Value: none available
Examples: none available
Default: no default
VMM supported entity types configuration
entityTypeName
Description: This value specifies the name of the entity type.
Value: none available
Examples: none available
Default: no default
defaultParent
Description: This value specifies the base entry name that will be used as default parent for the given entity type.
Value: none available
Examples: none available
Default: no default
rdnProperties
Description: This value specifies the RDN attribute name for the supported entity type in the entity domain name. To reset all the values of the rdnProperties parameter, specify a blank string ("").
Value: string
Examples: none available
Default: cn
personAccountParent
Description: This value specifies the default parent of the entity type PersonAccount
Value: none available
Examples: none available
Default: no default
groupParent
Description: This value specifies the default parents of the entity type Group
Value: none available
Examples: none available
Default: no default
personAccountRdnProperties
Description: This value specifies the RDN attribute name for the entity type PersonAccount. To reset all the values of the rdnProperties parameter, specify a blank string ("").
Value: string
Examples: none available
Default: uid
groupRdnProperties
Description: This value specifies the RDN attribute name for the entity type Group. To reset all the values of the rdnProperties parameter, specify a blank string ("").
Value: none available
Examples: none available
Default: cn
gm.ldap.id
Description: This value specifies the LDAP server ID.
Value: none available
Examples: none available
Default: no default
gm.groupMemberName
Description: This value specifies the name of the LDAP attribute that is used as the group member attribute. If the group member does not yet exist, it will be created
Value: none available
Examples:
gm.groupMemberName=member
gm.groupMemberName=uniqueMember
Default: no default
gm.objectClass
Description: This value specifies the group object class that contains the member attribute. If you do not define this parameter, the member attribute applies to all group object classes.
Value: none available
Examples:
gm.objectClass=groupOfNames
gm.objectClass=groupOfUniqueNames
Default: no default
gm.scope
Description: This value specifies the scope of the member attribute.
Value: Valid values include:
direct - The member attribute only contains direct members.
nested - The member attribute contains the direct members and the nested members.
Examples: none available
Default: no default
gm.dummyMember
Description: If you create a group without specifying a member, a dummy member will be filled in to avoid creating an exception about missing a mandatory attribute.
Value: none available
Examples: none available
Default: no default
VMM LDAP group member attribute configuration
gc.ldap.id
Description: This value specifies the LDAP server ID.
Value: none available
Examples: none available
Default: stand-alone
gc.name
Description: This value specifies the name of the membership attribute.
Value: none available
Examples:
Active Directory example - gc.name=memberOf
IBM Directory Server - gc.name=ibm-allGroups
Default: ibm-allGroups
gc.updateGroupMembership
Description: Updates the group membership if the member is deleted or renamed. Some LDAP servers, such as Domino server, do not clean up the membership of the user when a user is deleted or renamed. If you choose these LDAP server types in the ldapServerType property, the value of this parameter is set to true. Use this parameter to change the value.
Value: true false
Examples: none available
Default: false
gc.scope
Description: This value specifies the scope of the membership attribute.
Value: Valid values include:
direct - The membership attribute only contains direct groups.
nested - The membership attribute contains the direct groups and the nested groups.
all - The membership attribute contains direct groups, nested groups, and dynamic members.
Examples: none available
Default: direct
VMM LDAP context pool
cp.ldap.id
Description: This value specifies the LDAP server ID.
Value: none available
Examples: none available
Default: no default
cp.maxPoolSize
Description: This value specifies the maximum number of context instances that can be maintained concurrently by the context pool.
Value: numeric
Examples: none available
Default: 20
VMM realm configuration
realmName
Description: This value specifies the name of the realm to be created or updated. If no realm name is given, the default realm will be updated.
Value: none available
Examples: none available
Default: no default
addBaseEntry
Description: This value specifies the name of base entry to be added to the realm.
Value: none available
Examples: none available
Default: no default
securityUse
Description: This value specifies a string that indicates if this virtual realm will be used in security now, later, or never.
Value: Valid values include: now, later, never, inactive, and nonSelectable
Examples: none available
Default: active
delimiter
Description: This value specifies the delimiter used for this realm.
Value: /
Examples: none available
Default: no default
deleteRealmName
Description: This value specifies the name of the realm to be deleted.
Value: none available
Examples: none available
Default: no default
defaultRealmName
Description: This value specifies the name of the new default realm.
Value: none available
Examples: none available
Default: no default
deleteBaseEntry
Description: This value specifies the name of the base entry to be deleted from the realm.
Value: none available
Examples: none available
Default: no default
realm.personAccountParent
Description: This value specifies the default parents to be set for the entity type PersonAccount. The realm entered in realmName will be used to perform the change.
Value: none available
Examples: none available
Default: no default
realm.groupParent
Description: This value specifies the default parents to be set for the entity type Group. The realm entered in realmName will be used to perform the change.
Value: none available
Examples: none available
Default: no default
realm.orgContainerParent
Description: This value specifies the default parents to be set for the entity type OrgContainer. The realm entered in realmName will be used to perform the change.
Value: none available
Examples: none available
Default: no default
VMM repository base entry configuration
id
Description: This value specifies the ID of the repository, where the base entry will be created, updated, or deleted. When a base entry is created, it will automatically be added to the default realm.
Value: none available
Examples: none available
Default: no default
baseDN
Description: This value specifies the name of the base entry to be created, updated, or deleted
Value: none available
Examples: none available
Default: no default
nameInRepository
Description: This value specifies the distinguished name in the repository that uniquely identifies the base entry name. In most cases this should be the same as baseDN.
Value: none available
Examples: none available
Default: no default
Change administrative users
newAdminId
Description: This value specifies the new ID of the administrative user. A valid user ID contains only ASCII characters and can contain the following characters:
Lower case characters {a-z}
Upper case characters {A-Z}
Numbers {0-9}
Exclamation point {!}
Open parenthesis {(}
Close parenthesis {)}
Dash {-}
Period {.}
Question mark {?}
Open bracket {[}
Close bracket {]}
Underscore {_}
Grave accent {`}
Tilde {~}
The user ID cannot contain a space: for example, user ID; and cannot be longer than 200 characters.
(UNIX only) Some tasks may require you to enter the fully qualified user ID. If your fully qualified user ID contains a space; for example: cn=wpsadmin,cn=users,l=SharedLDAP,c=US,ou=Lotus,o=Software Group,dc=ibm,dc=com, you must place the fully qualified user ID in the properties file or into a parent properties file instead of as a flag on the command line. For example, create a parent properties file called mysecurity.properties, enter the fully qualified user ID, and then run the task: ./ConfigEngine.sh task_name -DparentProperties=/opt/mysecurity.properties.
(Windows only) Some tasks may require you to enter the fully qualified user ID. If your fully qualified user ID contains a space; for example: cn=wpsadmin,cn=users,l=SharedLDAP,c=US,ou=Lotus,o=Software Group,dc=ibm,dc=com, you must place quotes around the fully qualified user ID before running the task; for example, "cn=wpsadmin,cn=users,l=SharedLDAP,c=US,ou=Lotus,o=Software Group,dc=ibm,dc=com".
Value: none available
Examples: none available
Default: no default
newAdminPw
Description: This value specifies the new password of the administrative user. A valid password contains only ASCII characters and can contain the following characters:
Lower case characters {a-z}
Upper case characters {A-Z}
Numbers {0-9}
Exclamation point {!}
Open parenthesis {(}
Close parenthesis {)}
Dash {-}
Period {.}
Question mark {?}
Open bracket {[}
Close bracket {]}
Underscore {_}
Grave accent {`}
Tilde {~}
(Unix only): The password cannot contain a space: for example, pass word; and cannot be longer than 128 characters.
Value: none available
Examples: none available
Default: no default
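The character and length rules listed above for newAdminId and newAdminPw can be checked before a task is run. The following is an added example, not part of the IBM reference or of ConfigEngine; the function names and the sample file content are hypothetical. It assumes short-form values only (a fully qualified DN uses characters such as = and , that are outside the list) and applies the 128-character password limit, which the page states for UNIX, on every platform.

```python
import string

# Characters the page lists as valid for newAdminId and newAdminPw.
ALLOWED = set(string.ascii_letters + string.digits + "!()-.?[]_`~")
# Length limits from the page (the 128 limit is stated for UNIX).
MAX_LEN = {"newAdminId": 200, "newAdminPw": 128}
SECRET_KEYS = {"newAdminPw"}  # never echo these values in findings


def parse_properties(text):
    """Parse simple key=value lines; skip blanks and # or ! comments."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        key, sep, value = line.partition("=")
        if sep:
            props[key.strip()] = value.strip()
    return props


def check_value(name, value):
    """Return a list of rule violations for one property value."""
    problems = []
    if not value.isascii():
        problems.append("non-ASCII character")
    if " " in value:
        problems.append("contains a space")
    # ASCII characters other than space that are not in the documented list.
    bad = sorted({c for c in value
                  if c.isascii() and c != " " and c not in ALLOWED})
    if bad:
        if name in SECRET_KEYS:
            # Report a count only, so the finding does not leak the secret.
            problems.append(f"{len(bad)} disallowed character(s)")
        else:
            problems.append("disallowed: " + "".join(bad))
    if len(value) > MAX_LEN[name]:
        problems.append(f"longer than {MAX_LEN[name]} characters")
    return problems


def audit(text):
    """Check every key in MAX_LEN that is present in the properties text."""
    props = parse_properties(text)
    return {k: check_value(k, props[k]) for k in MAX_LEN if k in props}


# Constructed sample input, not taken from a real system.
SAMPLE = """\
# parent properties file (constructed)
newAdminId=wps admin
newAdminPw="Pa$$word"
newAdminGroupId=wpsadmins
"""

if __name__ == "__main__":
    for key, problems in audit(SAMPLE).items():
        print(key, "OK" if not problems else problems)
```

The quoted password in the sample is flagged because quotation marks are outside the documented character set, which matches the general note that values must not be enclosed in quotes.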
newAdminGroupId
Description: This value specifies the new ID of the portal administrative group
Value: none available
Examples: none available
Default: no default
VMM change attribute configuration
user.attributes.required
Description: This value specifies the new (comma separated) list of attributes that are required for user creation
Value: none available
Examples: none available
Default: sn
user.attributes.nonsupported
Description: This value specifies the new (comma separated) list of attributes that will be ignored by portal
Value: none available
Examples: none available
Default: certificate,identifier
Restore VMM security
restore.file.realm
Description: The realm name to be used. A realm with this name will be created.
Value: none available
Examples: none available
Default: federatedRealm
restore.file.delimiter
Description: Specifies the delimiter used for this realm.
Value: Enter any value but do not leave this field blank.
Examples: none available
Default: /
restore.file.primaryAdminId
Description: The ID (shortname) of the WAS administrative user. The ID must exist in a user repository.
Value: none available
Examples: none available
Default: adminUID
restore.file.primaryAdminPassword
Description: The password (shortname) of the WAS administrative user.
Value: none available
Examples: none available
Default: adminPWD
restore.file.primaryPortalAdminGroup
Description: The user group (short name) with administrative permission in portal. The group must exist in the LDAP server.
Value: none available
Examples: none available
Default: adminGroupCN
End of properties reference
Version 53 | March 16, 2010 | 5:06:25 PM | by DeAnna Steiner