Entering content frame

Procedure documentation Selecting Location of Default Users and Groups

Use

When you set up UME to use an LDAP directory as data source, UME searches for user data both in the LDAP directory and in the database. After installation, the database contains the default users Administrator and Guest, and the default groups Adminstrators and Guests. In some cases the LDAP directory may already contain these users and groups as well. If these users and groups exist in both data sources, UME by default ignores the objects that exist in the LDAP directories. This prevents problems with duplicate users and groups.

If you want to use the administrator and guest users and groups in the database, no action is necessary.

If you want to use the administrator and guest users and groups in your LDAP directory, you need to perform the following procedure.

Prerequisites

Make sure that the following users and groups exist on the directory server:

·        Group Administrators containing user Administrator

·        Group Guests containing user Guest

Procedure

Use this procedure to set up UME to use the administrator and guest users and groups on your LDAP directory.

...

       1.      Activate SAP* user as follows:

...

                            a.      Open UME properties for editing as described in Editing UME Properties.

                            b.      Set the property ume.superadmin.activated to TRUE

                            c.      If the property ume.superadmin.password is empty, define a password for the SAP* user.

                            d.      Restart your cluster nodes.

       2.      Delete administrator and guest users and groups in the database as follows:

                            a.      Open the UME administration console at http://<j2eeHost>:<httpPort>/useradmin and log on with the SAP* user.

                            b.      Remove the group Administrators from the administrative role Administrator.

                            c.      Delete the users Administrator and Guest.

                            d.      Delete the groups Administrators and Guests.

                            e.      Shutdown your cluster nodes.

       3.      Unblock administrator and guest users and groups on the LDAP directory and assign them the appropriate authorizations. Proceed as follows:

                            a.      Set the following UME properties as described in Editing UME Properties.

§         ume.ldap.blocked_accounts=<empty string>

§         ume.ldap.blocked_users=<empty string>

§         ume.ldap.blocked_groups=<empty string>

This setting has the effect that the users Administrator and Guest and the groups Administrators and Guests from the LDAP directory are no longer blocked and are visible in the user management tools.

                            b.      Start your cluster nodes.

                            c.      Open the UME administration console at http://<j2eeHost>:<httpPort>/useradmin and log on with the SAP* user.

                            d.      Assign the group Administrators to the administrative role Administrator.

This gives the administrator users in your directory authorization for UME administration.

       4.      Disable the SAP* user as follows:

                            a.      Shutdown your cluster nodes.

                            b.      Open UME properties for editing as described in Editing UME Properties.

                            c.      Set the property ume.superadmin.activated to FALSE.

                            d.      Start your cluster nodes.

Result

UME now uses the administrator and guest users and groups in your LDAP directory.

 

Leaving content frame