Enabling security requires the creation of a WebSphere® Application Server administrative user. Use the Tivoli® Access Manager command-line pdadmin utility to create the Tivoli Access Manager administrative user for WebSphere Application Server. This utility is available on the policy
server host machine.
About this task
Follow these steps to use the pdadmin utility.
Procedure
- From a command line, start the pdadmin utility as the Tivoli Access Manager administrative user, sec_master:
pdadmin -a sec_master -p sec_master_password
- Create a WebSphere Application Server
security user. For example, the following instructions create a new user, wasadmin. The
command is entered as one continuous line:
pdadmin> user create wasadmin cn=wasadmin,o=organization,
c=country wasadmin wasadmin myPassword
Substitute values for organization and country that are valid for your Lightweight Directory
Access Protocol (LDAP) user registry.
- Enable the account for the WebSphere
Application Server security administrative user by issuing the following command:
pdadmin> user modify wasadmin account-valid yes
What to do next
Configure the Java™ Authorization Contract for
Container (JACC) provider for Tivoli Access Manager. For
more information, see Tivoli Access
Manager JACC provider configuration.