After you create and use the LDAP user registry in the
default federated repository, you might find that your LDAP user registry
is not working correctly. You can update the LDAP user registry and
make the necessary changes. For example, you can change your LDAP
Bind password.
Before you begin
In a stand-alone server environment, you can complete the
following task when the servers are either stopped or started. In
a clustered environment, start the deployment manager and node agent.
Then, verify that they are able to synchronize.About this task
Note: The update federated LDAP user registry task does not
modify the following attributes:
- Administrative users
- Entity types
- LDAP entity types
- LDAP group membership attributes
- LDAP group configuration
- LDAP context pool
There are separate tasks to update these attributes.
Procedure
- Go to the wp_profile_root/ConfigEngine/properties directory.
- Open the wkplc.properties file with a text editor.
- Enter the following parameters in the wkplc.properties file
under Federated LDAP repository heading:
Note: Go to the properties file for specific information about the parameters.
- federated.ldap.id
- federated.ldap.host
- federated.ldap.baseDN
- federated.ldap.ldapServerType
- federated.ldap.port
- federated.ldap.bindDN
- federated.ldap.bindPassword
- Save your changes to the wkplc.properties file.
- Open a command prompt.
- Change to the wp_profile_root/ConfigEngine directory.
- Run the following task to validate your LDAP server settings:
- AIX®
HP-UX
Linux
Solaris: ./ConfigEngine.sh validate-federated-ldap
-DWasPassword=password
- IBM® i: ConfigEngine.sh validate-federated-ldap
-DWasPassword=password
- Windows: ConfigEngine.bat validate-federated-ldap
-DWasPassword=password
Note: In an environment that is configured with
an LDAP with SSL, you are prompted to add a signer to the truststore.
The prompt is Add signer to the truststore now?.
If you do, press y and then Enter.
- Run the following task to update the LDAP user registry
in the default federated repository:
- AIX
HP-UX
Linux
Solaris: ./ConfigEngine.sh wp-update-federated-ldap
-DWasPassword=password
- IBM i: ConfigEngine.sh wp-update-federated-ldap
-DWasPassword=password
- Windows: ConfigEngine.bat wp-update-federated-ldap
-DWasPassword=password
Note: You cannot change the host name of an existing LDAP repository definition when you run this
task. If you want to change the host name for an existing LDAP repository, you must delete the
existing repository and run the wp-create-ldap task to create a new
repository.
- Stop and restart the appropriate servers to propagate the
changes. For instructions, go to Starting and stopping servers, deployment managers, and node agents.