Disabling nested group searches

Follow these steps to disable nested group searches when logging on to WebSphere Application Server.

If you have several nested groups, to improve performance you might not want to retrieve all of the nested groups during login.

To disable nested group searches, at the wsadmin command prompt, enter the following command:
wsadmin>$AdminTask configureAdminWIMUserRegistry {-customProperties {"com.ibm.ws.wim.registry.grouplevel=1"} }
The custom property, com.ibm.ws.wim.registry.grouplevel is added to the user registry object. The value of the group level is set to 1, which retrieves only first level groups. If you do not set the value of the group level, the default value of 0 is used, which retrieves all nested groups.
Note: In WebSphere Application Server 6.1, the configureAdminWIMUserRegistry command is unavailable, hence you must manually edit the security.xml file and add the entry, <properties xmi:id="VMMURProperty_1" name="com.ibm.ws.wim.registry.grouplevel" value="1"/> as shown next. The security.xml file is located at: app_server_root\profiles\your_server_name\config\cells\your_cell\security.xml.
<userRegistries xmi:type="security:WIMUserRegistry" 
  xmi:id="WIMUserRegistry_1" serverId="" serverPassword="{xor}" 
  realm="defaultWIMFileBasedRealm" ignoreCase="true" useRegistryServerId="false" 
  primaryAdminId="uid=wasadmin,o=default organization" 
  registryClassName="com.ibm.ws.wim.registry.WIMUserRegistry">
<properties xmi:id="VMMURProperty_1" name="com.ibm.ws.wim.registry.grouplevel" value="1"/>
</userRegistries>


Terms of use | Feedback