Enabling LDAP authentication
Web user accounts can be authenticated against a Lightweight Directory Access Protocol (LDAP) or Secure LDAP (LDAPS) server. You can authenticate web users by using the REST API, the web user interface, the IBM® App Connect Enterprise Toolkit, or custom integration applications that use the Integration API.
Before you begin
- IBM Tivoli® Directory Server
- Microsoft Active Directory
- OpenLDAP
About this task
You can enable LDAP authentication for an integration node. See Enabling an integration node to use LDAP for authentication. You can also enable LDAP authentication for an integration server. See Enabling an integration server to use LDAP for authentication.
If a web user account has a local password, and LDAP authentication is enabled, the local password is ignored. When LDAP authentication is enabled, all web user logins must be authenticated by using LDAP. Any local passwords are ignored.
Enabling an integration node to use LDAP for authentication
About this task
Alternatively, you can enable LDAP authentication for an integration node by running the mqsichangeproperties command. For more information, see Enabling LDAP authentication by using the mqsichangeproperties command.
Procedure
Enabling an integration server to use LDAP for authentication
Procedure
What to do next
You might want to authorize users for administration. For more information, see Authorizing users for administration.