Page 1 of 1

IIS - LDAP authentication

Posted: Tue Jun 08, 2010 2:29 pm
by attu
Hi,
I would like to know the steps involved while changing Custom user registry to LDAP?

Appreciate if anyone has implemented it and can share their views about it.

Thanks

Posted: Tue Jun 08, 2010 5:12 pm
by ray.wurlod
The steps are documented in detail in Chapter 10 of the installation guide.

The secret is plan, plan again, document your plan and get a second opinion.

Back up the existing, working system.

You need an LDAP user authorized to query the LDAP-compliant user registry.
Configure LDAP in WebSphere Application Server, then switch it to LDAP authentication saving the results if the test connection succeeds.
Use AppServerAdmin.sh to spread the news to all applications that need to know.
Use DirectoryAdmin.sh to clean out the internal user registry in Information Server if necessary.
Use Web Console for Information Server to grant suite and suite component roles and DataStage credentials to LDAP users. (How you do the DataStage credentials will depend on whether you're using PAM on the UNIX/Linux machine where the engine tier is installed.)