Switching back to the internal user registry when using WebSphere Application Server Liberty Profile

If you have configured IBM® InfoSphere® Information Server to use an LDAP user registry with WebSphere® Application Server Liberty Profile but no longer wish to authenticate with LDAP, you can switch back to use the internal user registry.

About this task

InfoSphere Information Server supports any LDAP-compliant user registry that IBM WebSphere Application Server Liberty Profile supports.

Procedure

  1. Stop the application server:
    Linux cue graphicUNIX cue graphic
    IS_install_path/ASBServer/bin/MetadataServer.sh stop
    Windows cue graphic
    net stop InfoSvr
  2. Remove the LDAP user registry from the WebSphere Application Server Liberty Profile configuration by commenting out or removing the ldapRegistry element in the IS_install_path/wlp/usr/servers/iis/server.xml file:
  3. Add the InfoSphere Information Server user registry to the WebSphere Application Server Liberty Profile configuration in the IS_install_path/wlp/usr/servers/iis/server.xml file, anywhere before the closing server element.
    <usr_iisRegistry dataSourceRef="DataSource_ASBDataSource"/>
  4. Start the application server:
    Linux cue graphicUNIX cue graphic
    IS_install_path/ASBServer/bin/MetadataServer.sh run
    Windows cue graphic
    net start InfoSvr
  5. If you are switching the user registry for a system that has been used for a while by multiple users, clean up the users and groups that are related to the security configuration. See Switching the user registry configuration for a system in use.
  6. Manually configure one internal user registry user as an administrator user to be able to login to the IBM InfoSphere Information Server Web console and further create users and groups and assign roles.
    cd IS_install_path/ASBServer/bin
    ./DirectoryAdmin.sh -user -userid user_name -password password -admin

    Where:

    user_name
    The user name that you want to be the administrator user. You can name it anything that you want according to the restrictions for internal user registry user IDs. The internal user registry is stored in the metadata repository database.
    password
    The password for the administrator user. You can specify anything according to the restrictions for passwords.

What to do next

After you change the user registry, you can use the administrator user to log into the IBM InfoSphere Information Server Web console to create other users and groups, and to assign roles.