Integrating LDAP by using WebSphere Integrated Solutions Console

You can configure IBM Security Key Lifecycle Manager users in any LDAP repository, such as IBM Security Directory Server or Microsoft Active Directory, so that they can access the IBM Security Key Lifecycle Manager server and call server APIs and CLIs.

Before you begin

For prerequisite information, see LDAP configuration.

Procedure

  1. Add the LDAP repository to the federated repository. For the instructions, see Adding LDAP repository to the federated repository.
  2. Create the database for LDAP configuration.
    1. Open the DB2 command window.
    2. Run the following command to create the database.
      db2 create database USERDB31 using codeset UTF-8 territory US
  3. Update the data source from the WebSphere Integrated Solutions Console with the JNDI name jdbc/wimXADS. For the instructions, see Updating a data source from WebSphere Integrated Solutions Console.
  4. Restart WebSphere® Application Server.
  5. Copy db2jcc.jar and db2jcc_license_cu.jar from the DB2SKLMV301 folder to the WAS_HOME/lib folder.
    DB2SKLMV301 path:
      Windows: drive:\Program Files\IBM\DB2SKLMV301\java
      Linux: path/IBM/DB2SKLMV301/java
    The default value of the WAS_HOME variable is typically:
      Windows: C:\Program Files\IBM\WebSphere\AppServer
      Linux: /opt/IBM/WebSphere/AppServer
  6. Create a database-based repository to hold all the IBM Security Key Lifecycle Manager application groups. For the instructions, see Creating a database-based repository.
  7. From WebSphere Integrated Solutions Console, add the security role to user/group mapping and map the administrator role to klmGUICLIAccessGroup. For the instructions, see Adding security user roles from WebSphere Integrated Solutions Console.
  8. Restart WebSphere Application Server.
  9. Add LDAP users to IBM Security Key Lifecycle Manager application groups. For the instructions, see Adding LDAP users to IBM Security Key Lifecycle Manager application groups.
  10. Take the IBM Security Key Lifecycle Manager application backup. The data in the database-based repository is also backed up.
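
Step 5 on Linux, scripted with a check that both driver JARs arrived intact before the restart in step 8. This is an added example, not part of the IBM procedure; the function names and the script name copy_db2_jars.sh are hypothetical, and the chmod is an added hardening step.

```shell
#!/bin/sh
# Added example, not IBM's code. Copies the two DB2 JDBC driver JARs named in
# step 5 and verifies the copies before WebSphere Application Server restarts.
JARS="db2jcc.jar db2jcc_license_cu.jar"

# Print the SHA-256 of a file with whichever tool the host provides.
file_hash() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# copy_db2_jars SRC_DIR WAS_LIB_DIR
#   SRC_DIR     the DB2SKLMV301 java folder, e.g. path/IBM/DB2SKLMV301/java
#   WAS_LIB_DIR WAS_HOME/lib, e.g. /opt/IBM/WebSphere/AppServer/lib
# Returns 0 only when both JARs are in WAS_LIB_DIR and match the source.
copy_db2_jars() {
    src=$1
    dst=$2
    if [ ! -d "$src" ] || [ ! -d "$dst" ]; then
        echo "directory missing: $src or $dst" >&2
        return 2
    fi
    # Check both sources first so a missing JAR never leaves a half-done copy.
    for jar in $JARS; do
        if [ ! -f "$src/$jar" ]; then
            echo "not found: $src/$jar" >&2
            return 3
        fi
    done
    for jar in $JARS; do
        cp -p "$src/$jar" "$dst/$jar" || return 4
        # Added hardening (not in the IBM procedure): a JAR on the server
        # class path should not be writable by group or other.
        chmod go-w "$dst/$jar" || return 4
        if [ "$(file_hash "$src/$jar")" != "$(file_hash "$dst/$jar")" ]; then
            echo "hash mismatch after copy: $dst/$jar" >&2
            return 5
        fi
    done
    return 0
}

# Run directly as: sh copy_db2_jars.sh SRC_DIR WAS_LIB_DIR
if [ "$#" -eq 2 ]; then
    copy_db2_jars "$1" "$2"
fi
```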

What to do next

After LDAP is configured, you must complete the subsequent tasks. For more information, see Post-LDAP configuration tasks to support LDAP integration.