To configure a built-in, file-based repository in a federated repository
configuration, you must know the primary administrative user name of the user
who manages WebSphere Application Server resources and user accounts.
To configure an LDAP repository in a federated repository configuration, you
must know a valid user name (ID), the user password, the server host and port
and, if necessary, the bind distinguished name (DN) and the bind password.
You can choose any valid user in the repository that is searchable. In some
LDAP servers, administrative users are not searchable and cannot be used (for
example, cn=root in SecureWay). This user is referred to as a WebSphere
Application Server administrative user name or administrative ID in the
documentation. Being an administrative ID means a user has special privileges
when calling some protected internal methods. Normally, this ID and password
are used to log in to the administrative console after you turn on security.
You can use other users to log in if those users are part of the administrative
roles.
Restriction: Client certificate login is not supported in
a realm that includes a single built-in, file-based repository or a single
built-in, file-based repository with other repositories.