Tuesday, December 11, 2012

WebSphere Application Server 7 Federated Repository Configuration – Microsoft AD configuration

Some people are confused about how to configure the Federated Repository to connect to a Microsoft Active Directory LDAP server. The IBM docs do not provide clear configuration steps.

Here are the steps I used to configure the Federated Repository to connect to Microsoft Active Directory LDAP:

1) Log on to the Admin Console and go to Security > Global Security

2) Select "Federated Repositories" from the drop-down list and click the "Configure…" button

[Screenshot: Global Security]

3) Specify a primary administrative user name. Note: this user name should not be the same as a user in Microsoft AD LDAP

[Screenshot: Primary User]

4) Click the "Add Base Entry to Realm…" button on this page

5) Click the "Add Repository" button

[Screenshot: Add Repository]

6) Enter the repository identifier, host name, port, bind user, and password, then click "Apply"

[Screenshot: Configuration]

7) Click the "LDAP entity types" link

[Screenshot: LDAP Entity Type]

8) Then click the "PersonAccount" link, set the search base to something like "DC=mydomain,DC=com", and click "OK"

[Screenshot: Personal Account]

9) This step is very important: find the file named wimconfig.xml in the directory <ProfileDir>/Config/cells/<NodeName>/wim/config and add the highlighted entry in the correct section

[Screenshot: WIM Configuration]

Most Microsoft Active Directory deployments use sAMAccountName to authenticate the user, so we need to map the sAMAccountName attribute to uid in order to search for the user.

After changing the file, we need to restart the server; then we should be able to find the Active Directory user from the console.
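One way to confirm the step 9 mapping before restarting the server, as an added example that is not part of the original post: the script parses a wimconfig.xml and reports, per LDAP repository, whether sAMAccountName is mapped to uid for PersonAccount. The sample document is constructed, and its namespace, element names and the repository id "MyAD" are assumptions about the file layout; compare them against your own wimconfig.xml.

```python
import xml.etree.ElementTree as ET

# Namespaces assumed for wimconfig.xml; confirm against your own file.
NS = {"config": "http://www.ibm.com/websphere/wim/config"}
XSI_TYPE = "{http://www.w3.org/2001/XMLSchema-instance}type"

# Constructed sample, trimmed to the parts relevant to the mapping.
SAMPLE_WIMCONFIG = """<?xml version="1.0" encoding="UTF-8"?>
<config:configurationProvider
    xmlns:config="http://www.ibm.com/websphere/wim/config"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <config:repositories xsi:type="config:FileRepositoryType" id="InternalFileRepository"/>
  <config:repositories xsi:type="config:LdapRepositoryType" id="MyAD">
    <config:attributeConfiguration>
      <config:attributes name="sAMAccountName" propertyName="uid">
        <config:entityTypes>PersonAccount</config:entityTypes>
      </config:attributes>
    </config:attributeConfiguration>
  </config:repositories>
</config:configurationProvider>
"""

def login_attribute_mappings(xml_text, ldap_attr="sAMAccountName", prop="uid"):
    """Return {repository id: bool} for every LDAP repository in the file.

    True means the repository maps ldap_attr to prop for PersonAccount.
    """
    root = ET.fromstring(xml_text)
    result = {}
    for repo in root.findall("config:repositories", NS):
        # Skip non-LDAP repositories such as the built-in file registry.
        if not repo.get(XSI_TYPE, "").endswith("LdapRepositoryType"):
            continue
        found = False
        for attr in repo.findall("config:attributeConfiguration/config:attributes", NS):
            types = [e.text.strip() for e in attr.findall("config:entityTypes", NS) if e.text]
            # LDAP attribute names are case-insensitive; WIM property names are not.
            if (attr.get("name", "").lower() == ldap_attr.lower()
                    and attr.get("propertyName") == prop
                    and "PersonAccount" in types):
                found = True
        result[repo.get("id")] = found
    return result

if __name__ == "__main__":
    for repo_id, ok in login_attribute_mappings(SAMPLE_WIMCONFIG).items():
        print(f"{repo_id}: sAMAccountName -> uid mapping {'present' if ok else 'MISSING'}")
```

To check a real profile, read the file's text and pass it to login_attribute_mappings in place of the sample.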
