Apache Directory Service (LDAP) Configuration with WebSphere Application Server

Apache Directory Service is an open source LDAP implementation that can be used for a demo or proof of concept (PoC) setup. This entry describes the steps to configure Apache LDAP in WebSphere Application Server.

    1. Log in to the WebSphere Admin Console using the cell administration user ID and password at http://hostname:adminhost_port/ibm/console
    2. Go to Security -> Global Security
    3. Under the User account repository section, select Federated repositories under Available realm definitions and click Configure
    4. Click Add repositories to add a new repository
    5. On the Repository reference page, select LDAP repository from the dropdown
    6. On the next page, define the new LDAP repository with the following entries
      Type                     Value
      Repository Identifier    ApacheDS (could be anything readable)
      Directory Type           Custom
      Hostname                 your LDAP server hostname
      Port                     your LDAP server port number (default: 10389)
      Bind distinguished name  uid=admin,ou=system
      Bind password            secret
      Custom Property Name     ldapTimestampFormat
      Custom Property Value    yyyyMMddHHmmss.SSSZ

    7. Click Ok and then, on the next page, define the unique distinguished base name for the newly created LDAP repository
    8. Click Ok button
    9. Click the newly created repository identifier ApacheDS in the table
    10. Under the Additional Properties section, click Group attribute definition
    11. Click Member attributes under Additional Properties section to define member attributes and then click Ok
      Name          Scope   Object Class
      uniqueMember  direct  inetOrgPerson

    12. Define the Name of group membership attribute and then click Ok
      Name            Scope
      uniqueMemberOf  direct
    13. Click Federated repositories entity types to LDAP object classes mapping to define class mapping and then click Ok
      Entity Type    Object Class        Search Base
      Group          groupOfUniqueNames  ou=groups,dc=mukeshverma,dc=com
      PersonAccount  inetOrgPerson       ou=users,dc=mukeshverma,dc=com

    14. Click Review and Save to save all configuration settings
    15. Restart the server
    16. Verify the users, the groups and their members after logging in to the WebSphere Application Server
      LDAP Users
      LDAP Groups

      LDAP Group Members
    17. LDAP Entries
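
If a user, group or member is missing in step 16, one thing to check is whether the directory entries match the object classes and search bases configured in steps 11-13. The script below is an added example, not part of the original post: it runs that check over an LDIF export, and the sample entries (alice, bob, carol, admins) are constructed for illustration.

```python
# Values from the mapping tables in steps 11-13 (class and attribute names lower-cased).
USER_CLASS, USER_BASE = "inetorgperson", "ou=users,dc=mukeshverma,dc=com"
GROUP_CLASS, GROUP_BASE = "groupofuniquenames", "ou=groups,dc=mukeshverma,dc=com"
MEMBER_ATTR = "uniquemember"
# Constructed sample export (hypothetical entries, trimmed to the attributes checked).
SAMPLE_LDIF = """\
dn: uid=alice,ou=users,dc=mukeshverma,dc=com
objectClass: inetOrgPerson

dn: uid=bob,ou=people,dc=mukeshverma,dc=com
objectClass: inetOrgPerson

dn: cn=admins,ou=groups,dc=mukeshverma,dc=com
objectClass: groupOfUniqueNames
uniqueMember: uid=alice,ou=users,dc=mukeshverma,dc=com
uniqueMember: uid=bob,ou=people,dc=mukeshverma,dc=com
uniqueMember: uid=carol,ou=users,
 dc=mukeshverma,dc=com
"""

def norm(dn):  # simplified DN normalisation: lower-case, no spaces around commas
    return ",".join(part.strip().lower() for part in dn.split(","))

def parse_ldif(text):
    """Return {normalised DN: {lower-case attribute: [values]}}; base64 values unsupported."""
    entries = {}
    for block in text.replace("\n ", "").split("\n\n"):  # unfold lines, then split entries
        attrs = {}
        for line in block.splitlines():
            key, sep, value = line.partition(": ")
            if sep and not line.startswith("#"):
                attrs.setdefault(key.lower(), []).append(value)
        if "dn" in attrs:
            entries[norm(attrs["dn"][0])] = attrs
    return entries

def check(entries):
    kind, problems = {}, []  # kind: DN -> class, only for entries inside their base
    for dn, attrs in entries.items():
        classes = {c.lower() for c in attrs.get("objectclass", [])}
        for cls, base in ((USER_CLASS, USER_BASE), (GROUP_CLASS, GROUP_BASE)):
            if cls in classes and dn.endswith("," + base):
                kind[dn] = cls
            elif cls in classes:
                problems.append(f"outside search base {base}: {dn}")
    for dn in [d for d, k in kind.items() if k == GROUP_CLASS]:
        members = map(norm, entries[dn].get(MEMBER_ATTR, []))
        problems += [f"{dn}: unmapped member {m}" for m in members if kind.get(m) != USER_CLASS]
    return problems
```

Calling `check(parse_ldif(SAMPLE_LDIF))` reports bob as outside the user search base and flags both bob and the non-existent carol as members that the PersonAccount mapping would not resolve.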
