    <property id="ldap_server" value="ldap://server.domain.co.uk/" />
    <property id="ldap_base" value="ou=ges,o=geac,c=uk" />
    <property id="ldap_bind_dn" value="cn=root" />
    <property id="ldap_bind_password" value="password" />
    <property id="authorization_group_type" value="businesscategory" />
  </directory>
</authentication_context>

Change the ldap.server parameter to the name and domain of the iSeries that is running the LDAP service. You may also change other LDAP properties if required, for example, LDAP base.

XML security

If an LDAP server is not present, then you can configure the DEFAULT context to use /vendorconnect/deployed/UserDirectory.xml as the user directory. Simply edit the following settings in SecurityManager.xml:

<authentication_context id="XML">
  <directory id="file" type="XML">
    <property id="file" value="UserDirectory.xml" />
  </directory>
</authentication_context>

<authentication_context id="DEFAULT">
  <directory id="SecureWay" type="LDAP">
    <property id="ldap_server" value="ldap://server.domain.co.uk/" />
    etc.

Change the first authentication context from id="XML" to id="DEFAULT". Because the context ID must be unique within the file, immediately change the second authentication context ID to anything other than DEFAULT, as shown in the following example:

<authentication_context id="DEFAULT">
  <directory id="file" type="XML">
    <property id="file" value="UserDirectory.xml" />
  </directory>
</authentication_context>

<authentication_context id="XYZ">
  <directory id="SecureWay" type="LDAP">
    <property id="ldap_server" value="ldap://server.domain.co.uk/" />
    etc.

Create the vcadmin user in UserDirectory.xml. Add the following section to this file, entering the user password as required:

<entry dn="cn=vcadmin, ou=cad, ou=ges,o=geac,c=uk">
  <objectclass>
    <oc-value>top</oc-value>
    <oc-value>person</oc-value>
    <oc-value>organizationalPerson</oc-value>
    <oc-value>inetOrgPerson</oc-value>
    <oc-value>ePerson</oc-value>
    <oc-value>s21User</oc-value>
  </objectclass>
  <attr name="cn"><value>vcadmin </value></attr>
  <attr name="sn"><value>Administrator </value></attr>
  <attr name="uid"><value>vcadmin</value></attr>
  <attr name="userpassword"><value>anything</value></attr>
</entry>
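The following check is an added example, not part of the manual or the product. It parses a SecurityManager.xml-style file and reports a context ID that is not unique, a missing DEFAULT context, and LDAP directory settings that keep bind credentials in the file. The `<security_manager>` root element and the sample text are constructed for illustration; only the element and property names shown above come from the manual.

```python
import xml.etree.ElementTree as ET
from collections import Counter

# Constructed sample. The <security_manager> root is a placeholder name;
# {second} is the id given to the LDAP context after the edit.
TEMPLATE = """<security_manager>
  <authentication_context id="DEFAULT">
    <directory id="file" type="XML">
      <property id="file" value="UserDirectory.xml" />
    </directory>
  </authentication_context>
  <authentication_context id="{second}">
    <directory id="SecureWay" type="LDAP">
      <property id="ldap_server" value="ldap://server.domain.co.uk/" />
      <property id="ldap_bind_dn" value="cn=root" />
      <property id="ldap_bind_password" value="password" />
    </directory>
  </authentication_context>
</security_manager>"""
SAMPLE = TEMPLATE.format(second="DEFAULT")  # rename step forgotten
FIXED = TEMPLATE.format(second="XYZ")       # as in the manual's example

def audit(xml_text):
    """Return a sorted list of (context_id, finding) tuples."""
    root = ET.fromstring(xml_text)
    contexts = list(root.iter("authentication_context"))
    ids = Counter(c.get("id") for c in contexts)
    # The context ID must be unique within the file.
    findings = [(i, "duplicate context id") for i, n in ids.items() if n > 1]
    if ids["DEFAULT"] == 0:
        findings.append(("DEFAULT", "no DEFAULT context defined"))
    for ctx in contexts:
        cid = ctx.get("id")
        for d in ctx.iter("directory"):
            if d.get("type") != "LDAP":
                continue
            props = {p.get("id"): p.get("value", "") for p in d.iter("property")}
            if props.get("ldap_server", "").lower().startswith("ldap://"):
                findings.append((cid, "ldap:// URL has no TLS in the scheme"))
            if props.get("ldap_bind_password"):
                findings.append((cid, "bind password stored in clear text"))
            if props.get("ldap_bind_dn", "").lower() == "cn=root":
                findings.append((cid, "binds as cn=root"))
    return sorted(set(findings))

if __name__ == "__main__":
    for label, text in (("SAMPLE", SAMPLE), ("FIXED", FIXED)):
        print(label, audit(text))
```

The LDAP findings remain after the rename because the non-DEFAULT context still sits in the file with its bind DN and password, so read access to SecurityManager.xml and UserDirectory.xml should be restricted accordingly.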

Chapter 4. Installing and setting up vendor.connect 93

IBM SG24-6526-00 manual XML security