You can use IBM Security Directory Server to provide a trusted identity data infrastructure for authentication.
IBM® Security Directory Server provides a server that stores directory information using a DB2 database. It also provides a proxy server for routing LDAP operations to directory servers with database. IBM Security Directory Server provides client utilities and graphical user interfaces (GUI), such as Instance Administration Tool (idsxinst
) and Configuration Tool (idsxcfg
), to manage servers.
This section does not provide steps of setting up IBM Security Directory Server since they are documented in elsewhere already. Rather, we provide the necessary references for you to get the information.
file, and then run the populate_from_dns_files.bat
To prepare to configure your LDAP directory with IBM WebSphere Application Server, complete the following steps:
1. Identify LDAP attributes to use for the following roles. If no corresponding attribute exists, create one. You can use an attribute for multiple purposes. For example, you can use the mail attribute to perform the login and messaging tasks.
- Display name: The cn LDAP attribute is used to display a person's name in the product user interface. Ensure that the value you use in the cn attribute is suitable for use as a display name.
- Log in: Determine the attributes that you want the users to use to log in to IBM Connections. For example, uid.
Note: The login name must be unique in the LDAP directory.
- Messaging: (Optional) Determine which attribute to use to define the email address of a use. The email address must be unique in the LDAP directory. If a user does not have an email address and does not have an LDAP attribute that represents the email address, that user cannot receive notifications.
- Global unique identifier (GUID): Determine which attribute to use as the unique identifier of each user and group in the organization. This value must be unique across the organization.
2. Collect the following information about your LDAP directory before configuring it for WebSphere Application Server:
- Directory Type: Identifies and selects a directory service from the available vendors and versions.
- Primary host name
- Bind distinguished name
- Bind password
- Certificate mapping
- Certificate filter, if applicable.
- LDAP entity types or classes: Identifies and selects LDAP object classes. For example, select the LDAP inetOrgPerson object class for the Person Account entity, or the LDAP groupOfUniqueNames object class for the Group entity.
- Search base: Identifies and selects the distinguished name (DN) of the LDAP subtree as the search scope, for example, select o=ibm.com to allow all directory objects underneath this subtree node to be searched. Examples for the Group Search, use the following LDAP attributesor: Group, OrgContainer, PersonAccount, or inetOrgPerson.
Installation with IBM Installation Manager
IBM® Installation Manager is a tool that you can use for the installation and maintenance of IBM Security Directory Server and its core pre-requisite software.
IBM Installation Manager overview
IBM Installation Manager is an installation wizard that guides you through the steps to install, modify, update, roll back, or uninstall IBM products. It can use remote or local software repositories for installation. For information, click here
Supported operating systems
You can use IBM Installation Manager for the installation of IBM Security Directory Server on AIX® (ppc64), Linux (AMD64/EM64T architecture), and Microsoft Windows. For information, click here
IBM Security Directory Server installation package types
To choose the correct IBM Security Directory Server installation package, you must know the available installation package types. For information, click here
You must consider some restrictions before you begin the installation of IBM Security Directory Server with the IBM Installation Manager. For information, click here
IBM Security Directory Server components
When you install IBM Security Directory Server with the IBM Installation Manager, you can select the components that you want to install. IBM Installation Manager displays the dependencies of each component that you select. For information, click here
IBM Security Directory installation customization
You can customize the IBM Security Directory Server installation to suit your product usage. For information click here
Default installation locations
If you run IBM Installation Manager for installation, IBM Security Directory Server and its co-requisite software is installed in the predefined installation location. For information, click here
The installation repository is the location where the IBM Security Directory Server packages are available for installation. For information, click here
Starting the installation
You can start the installation of IBM Security Directory Server either by using the Launchpad or by using IBM Installation Manager set with repository preferences. For information, click here
Installing with IBM Installation Manager
Complete the steps to install IBM Security Directory Server with the IBM Installation Manager. For information, click here
Silent mode installation
You can use silent mode installation to install IBM Security Directory Server on multiple system without any manual interventions. For information, click here