Granting an administrator rights to Connections 2.5 communitiesAdded by IBM on November 23, 2011 | Version 1 (Original)
|To grant an administrator rights to IBM® Connections 2.5 communities, you need to create a superuser who has access to all communities, public and restricted.
To grant an administrator rights to IBM
® Connections 2.5 communities, you need to create a superuser who has access to all communities, public and restricted.
About this task
With additional configuration on the Connections server, you can create a superuser who can see all communities, public and restricted. For IBM Sametime
® Advanced integration, you need to create a user of this type, and add their login and password credentials to the Sametime
Advanced server so that you can connect on their behalf to list all of the communities.
- To determine the user realm for the new administrative user, do the following:
- In the IBM WebSphere® Application Server Integrated Solutions Console, select Security -> Secure Administration, applications and infrastructure -> Federated Repositories.
- Click Configure.
- On the main Federated repositories page, note the value for the realm name for your application server.
- Open a command window and start the wsadmin command line tool.
- Use one of the following commands to access the Communities configuration files:
Check out the Communities policy configuration file using the following command:
- Stand-alone deployment:
- Network deployment:
From the temporary directory to which you just checked out the Connections configuration files, open the communities-policy.xml file in a text editor.
To add an administrative user with rights to access all Connections communities, add the following grant statement to the file:
- working_directory is the temporary working directory to which the configuration XML and XSD files are copied. The files are kept in this working directory while you make changes to them. ◦
- cell_name is the name of the WebSphere Application Server cell hosting the Connections feature. This argument is required even in stand-alone deployments. This argument is also case-sensitive, so type it with care.
Save your changes to the communities-policy.xml file.
Check in the updated file using the following wsadmin client command:
<comm:principal class="com.ibm.ws.security.common.auth.WSPrincipalImpl" name="YOUR_REALM_NAME/YOUR_LOGIN_ID" />
<comm:permission class="com.ibm.tango.auth.permission.CommunityManagementPermission" communityType="*" action="*" />
<comm:permission class="com.ibm.tango.auth.permission.CommunityMembershipPermission" communityType="*" action="*" />
<comm:permission class="com.ibm.tango.auth.permission.CommunityAccessPermission" communityType="*" action="*" />
<comm:permission class="com.ibm.tango.auth.permission.CommunityReferencePermission" communityType="*" action="*" />
<comm:permission class="com.ibm.tango.auth.permission.CommunityBroadcastPermission" communityType="*" action="*" />
- YOUR_REALM_NAME is the realm name you identified in step 1.
- YOUR_LOGIN_ID is the login ID of the user who you want to set up as the administrator for communities.
To exit the wsadmin client, type exit at the prompt.
Stop and restart the server hosting the Communities feature.
When the user specified in the policy file logs in to Communities, they will be able to view and edit all communities and community resources.
Parent topic: Integrating Sametime Advanced with Connections
Previous topic: Granting an administrator rights to Connections 1.0.2 communities
Next topic: Synchronizing Sametime Advanced with Connections