Configuring local operating system registries

Use these steps to configure local operating system registries.

Before you begin

For detailed information about using the local operating system user registry, see Local operating system registries. These steps set up security based on the local operating system user registry on which WebSphere® Application Server is installed.

About this task

[z/OS] When you set up a user registry for WebSphere Application Server, the System Authorization Facility (SAF) works in conjunction with the user registry to authorize applications to run on the server. Complete the following steps to configure additional properties that are associated with the local OS user registry and SAF configuration.

[z/OS] Important: The local operating system is not a valid user account repository when you have a mixed cell environment that includes both z/OS® platform and non-z/OS platform nodes.

[AIX Solaris HP-UX Linux Windows] The following steps are needed to perform this task initially when setting up security for the first time.

Procedure

  1. Click Security > Global security.
  2. Under User account repository, select Local operating system and click Configure.
  3. [AIX Solaris HP-UX Linux Windows] Enter a valid user name in the Primary administrative user name field. This value is the name of a user with administrative privileges that is defined in the registry. This user name is used to access the administrative console or used by wsadmin.
  4. [z/OS] If SAF authorization is not enabled, enter a valid user name in the Primary administrative user name field. This value is the name of a user with administrative privileges that is defined in the registry. This user name is used to access the administrative console or used by wsadmin.
  5. [z/OS] Optional: Select the Ignore case for authorization option to enable WebSphere Application Server to perform a case insensitive authorization check when you use the default authorization.
  6. Click Apply.
  7. [AIX Solaris HP-UX Linux Windows] Select either the Automatically generated server identity or Server identity that is stored in the repository option. If you select the Server identity that is stored in the repository option, enter the following information:
    Server user ID or administrative user on a Version 6.0.x node
    Specify the short name of the account that is chosen in the second step.
    Server user password
    Specify the password of the account that is chosen in the second step.
  8. [z/OS] Select either the Automatically generated server identity or User identity for the z/OS started task.
  9. Click OK.

    The administrative console does not validate the user ID and password when you click OK. Validation is only done when you click OK or Apply in the Global security panel. First, make sure that you select Local operating system as the available realm definition in the User account repository section, and click Set as current. If security was already enabled and you had changed either the user or the password information in this panel, make sure to go to the Global security panel and click OK or Apply to validate your changes. If your changes are not validated, the server might not start.

    Important: Until you authorize other users to perform administrative functions, you can only access the administrative console with the server user ID and password that you specified.

Results

After completing these steps, you have configured WebSphere Application Server to use the local operating system registry to identify authorized users.

What to do next

Complete any remaining steps for enabling security. For more information, see Enabling security.




In this information ...


IBM Redbooks, demos, education, and more

(Index)

Use IBM Suggests to retrieve related content from ibm.com and beyond, identified for your convenience.

This feature requires Internet access.

Task topic Task topic    

Terms and conditions for information centers | Feedback

Last updatedLast updated: Jun 12, 2013 3:32:32 AM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=v700osgijpa&product=was-nd-mp&topic=tseclocalos
File name: tsec_localos.html