Setting up LDAP support

  1. Decide which LDAP Directory server you are going to use and, if necessary, install it.
  2. If you are running a version of LDAP that does not support the schema for Z and I Emulator for Web, install the Z and I Emulator for Web schema extension files as described in Installing the schema extensions. (The schema extension files are not required for IBM LDAP Version 3.x or later.)
  3. Ask your LDAP administrator for a suffix which Z and I Emulator for Web will use to store configuration information. Make a note of the distinguished name (DN) of this suffix; you will need this information to complete the LDAP setup.
  4. Ask your LDAP administrator for an administrator DN and password for Z and I Emulator for Web; these will be used to authenticate to the LDAP server. The administrator DN must have create, modify and delete privileges for the suffix mentioned in the previous step. Make a note of the DN and password; you will need this information to complete the LDAP setup.
  5. Enable LDAP on the Directory Service window in the administration utility. Also, optionally, migrate the private data store configuration information to the LDAP directory server. For more information, refer to Configuring Z and I Emulator for Web Server to use LDAP.
    Users and groups that are already defined in LDAP for other purposes are not used by Z and I Emulator for Web. Users and groups for Z and I Emulator for Web must be defined separately by either migrating the configuration information from the private data store or by setting up the users and groups in Z and I Emulator for Web after enabling LDAP.
    If you are using the IBM LDAP server on Windows and AIX platforms, and you are creating a large number of users, make sure that DB2 is configured with the proper value for APP_CTL_HEAP_SZ. While the value for this variable is dependent on individual installations, setting APP_CTL_HEAP_SZ to 512 is a good starting value.
    To configure DB2 heap size in a Windows or AIX environment, issue these commands:
    1. set DB2INSTANCE=ldapdb2
    2. db2 connect to ldapdb2
    3. db2 update db cfg for ldapdb2 using APP_CTL_HEAP_SZ 512
    4. db2 force application all
    5. db2 terminate
    6. db2stop
    7. db2start
    Also, be sure that STMTHEAP is large enough. The sizes of these parameters depend solely on individual customer configurations and the number of Z and I Emulator for Web users that are being migrated to LDAP.
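
An added example, not part of the product documentation: a shell check, run before enabling LDAP in step 5, that the administrator DN from step 4 can create, modify and delete entries under the suffix from step 3. It assumes the OpenLDAP client tools (ldapadd, ldapmodify, ldapdelete) are installed; the probe entry name cn=zie-priv-probe and its organizationalRole object class are hypothetical choices.

```shell
#!/bin/sh
# Added example (not product code). Assumes the OpenLDAP client tools.
# The probe entry name and its object class are hypothetical choices.

probe_dn() { printf 'cn=zie-priv-probe,%s' "$1"; }

# LDIF that creates a throwaway entry directly under the suffix.
probe_add_ldif() {
    printf 'dn: %s\nobjectClass: top\nobjectClass: organizationalRole\ncn: zie-priv-probe\n' \
        "$(probe_dn "$1")"
}

# LDIF that changes one attribute on the throwaway entry.
probe_modify_ldif() {
    printf 'dn: %s\nchangetype: modify\nreplace: description\ndescription: privilege check\n' \
        "$(probe_dn "$1")"
}

# check_privs URI BIND_DN PASSWORD_FILE SUFFIX
# Returns 0 if create, modify and delete all work; 1, 2 or 3 names the
# first operation that failed. -y reads the password from a file so it
# never appears in the process list; the file must hold the password
# with no trailing newline.
check_privs() {
    uri=$1; bind_dn=$2; pw_file=$3; suffix=$4
    probe_add_ldif "$suffix" |
        ldapadd -x -H "$uri" -D "$bind_dn" -y "$pw_file" >/dev/null || return 1
    result=0
    probe_modify_ldif "$suffix" |
        ldapmodify -x -H "$uri" -D "$bind_dn" -y "$pw_file" >/dev/null || result=2
    # Always try to delete, so a failed modify does not leave the probe behind.
    if ! ldapdelete -x -H "$uri" -D "$bind_dn" -y "$pw_file" \
            "$(probe_dn "$suffix")" >/dev/null; then
        [ "$result" -ne 0 ] || result=3
    fi
    return "$result"
}

# Runs only when the script is given all four arguments.
if [ "$#" -eq 4 ]; then
    if check_privs "$@"; then
        echo "create, modify and delete succeeded under $4"
    else
        echo "privilege check failed (code $?)" >&2
        exit 1
    fi
fi
```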