Filter
Top Products
Creating WebSphere and Learning Management System Administrator Accounts
You need at least two accounts in the LDAP directory to complete the installation of the IBM Lotus Learning
Management System: an account for the WebSphere administrator and an account for the Learning Management
System administrator. To create these accounts, you can either import an LDIF file or create the entries by hand. For
instructions on importing LDIF files in IBM Directory Server, please consult the Directory Server Online Help. To
create these entries by hand:
1. Start the Directory Management Tool: Start - Programs - IBM Directory Server - Directory Management Tool.
Note that each time you start the Directory Management Tool, you need to include a binding and password
that identifies the administrator of the directory. These are created when Directory Server is installed. The
default binding created during installation is cn=root.
2. Choose Directory tree - Browse tree.
3. Select the entry in the tree under which you want to add the new entry, and then click Add. For example, to
add the user accounts at the organization level, select your organization identifier, such as o=ibm, and then
click Add.
4. Select the User Entry type.
5. For Parent DN, enter the distinguished name of the tree entry you selected (for example, o=ibm) if this is
different from the entry selected in the tree—the Parent DN should automatically default to the entry
selected in the tree.
6. Entry RDN – Enter the relative distinguished name (RDN) of the entry that you are adding (for example,
cn=wasadmin).
7. Click OK to continue and to open the ‘Add and LDAP User dialog:
8. In the ‘Add an LDAP User’ dialog, select inetOrgPerson for object class (which is the default object class for
new entries). The DN (distinguished name) should be populated automatically, as should the Common
Name. It is not necessary to enter a value for sn for this account. You must enter a userPassword on the
Business tab and a uid on the Other tab, and you may fill in any other details you wish.
9. Repeat these steps to create the lmsadmin account.
WebSphere Application Server and LDAP User filter strings
In WAS, you must specify an LDAP user filter that searches the registry for users. This option is typically used for
Security Role to User assignments. It specifies the property by which to look up users in the directory service.
For example, in the syntax example (&(uid=%v)(|(objectclass=inetOrgPerson)(objectclass=ePerson))), users are looked
up based on their user IDs and the fact that the person entries have either inetOrgPerson or ePerson (or both) set as
their objectclass attribute. For more information about this syntax, see the LDAP Directory Service documentation.
To view this administrative page in the WAS Administration Console, click Security- User Registries- LDAP-
Advanced LDAP settings.
Additional LDAP information and guidelines
When setting up a Domino LDAP directory with the Learning Management System, make sure that it has full text
indexing enabled as this significantly shortens the time for user rostering by file.
20 IBM Lotus LMS Release 1 Installation Guide