Linux stand-alone: Configuring your portal to use dynamic groups

By default, WebSphere® Portal is enabled for static groups. However, the Virtual Member Manager (VMM) allows users to be members of either static or dynamic groups. Static groups are those where a persistent binding exists between a group and its members. Dynamic groups are those where a search query is defined to retrieve the members of a group. If you have your LDAP server configured to use dynamic groups, complete the steps in this task for WebSphere Portal to use dynamic group queries when you setup your LDAP server.

Before you begin

Perform the required tasks to configure either a stand-alone or federated LDAP server security.

About this task

The steps in this task use groupOfURLs as the object class for dynamic groups and memberURL as the dynamic membership attribute. The actual values for object classes and dynamic membership attributes can vary depending on your LDAP server. For this reason, you should export an LDIF file to verify the object classes and dynamic membership attributes. Either refer to your LDAP documentation or ask your LDAP administrator for instructions on exporting an LDIF file.

Clustered environments: Perform the following steps on the Deployment Manager then synchronize the nodes.

To configure WebSphere Portal to use dynamic groups, do the following:

Procedure

  1. If you are using a Stand-alone LDAP server, follow these steps.
    1. Navigate to the following directory: wp_profile_root/cells/cell_name/wim/config.
    2. Locate and open wimconfig.xml with any text editor.
    3. Add the following line to the <config:groupConfiguration> tag: 
      <config:dynamicMemberAttributes name="memberurl" objectClass="groupofurls"/>
    4. Save and close wimconfig.xml.
  2. If you are using a Federated LDAP server, follow these steps.
    1. Log in to the WebSphere Integrated Solutions Console.
    2. Select Security > Global security.
    3. In Available realm definitions, select Federated repositories and click Configure.
    4. In Related Items, click Manage repositories.
    5. Select the appropriate repository from the list.
    6. In Additional Properties, click Group attribute definition then click Dynamic member attributes.
    7. Click New and specify values for the Name and Object class fields as appropriate. For example,
      • Name: memberurl
      • Object class: groupofurls
    8. Click OK and save the changes to the master configuration.
  3. Stop and restart the appropriate servers to propagate the changes. For specific instructions, see Starting and stopping servers, deployment managers, and node agents.