In this lab, we will secure the WebSphere console using Windows Active Directory, it is very easy and it let the security responsibilities to Windows Administrators
Steps
1.- Create a Service user in Windows to authenticate the others users
2.- Use the Security Wizzard
3.- Stop and Start WebSphere
4.- Done
1.- Create a Service user in Windows to authenticate the others users
Now you can check with your WebSphere box (or any other box) that you can access the directory with that user, please use only wasadmin as the name of this user, and for example Wasadmin as their password.
If ldapbrowser can search into Active Directory, WebSphere will do it too
2.- Use the Security Wizzard
3.- Stop and Start WebSphere
Now you must stop and start all your infraestructure, in my case I have 3 servers: ND, nodeagent and server1
When you start all again, just F5 into your browser
as you will see, the console will be redirected to a SSL comunication
Do what you need to do to accept the certificate
Now you must login into the console with the service user, in this case wasadmin
Congrats!!! now you must add one admin user to the console, you should no use the service user to adminstrate your was infraestructure.
again, go to Security -> Global security -> Administrative user roles
You are now into "Administrative user role" you must see here our service user account
Let's go to add a New administrator user, please click into Add...
in my case, I will add to myself, then I write H* and click into Search
Then you must pass the user to the right side and select the appropriate role
Click Ok and save
Now you must logout and login with your new administrative user
Congrats, you have a new administrative user account into your infrastructure
Steps
1.- Create a Service user in Windows to authenticate the others users
2.- Use the Security Wizzard
3.- Stop and Start WebSphere
4.- Done
1.- Create a Service user in Windows to authenticate the others users
2.- Use the Security Wizzard
3.- Stop and Start WebSphere
Now you must stop and start all your infraestructure, in my case I have 3 servers: ND, nodeagent and server1
When you start all again, just F5 into your browser
as you will see, the console will be redirected to a SSL comunication
Do what you need to do to accept the certificate
Now you must login into the console with the service user, in this case wasadmin
Congrats!!! now you must add one admin user to the console, you should no use the service user to adminstrate your was infraestructure.
again, go to Security -> Global security -> Administrative user roles
You are now into "Administrative user role" you must see here our service user account
Let's go to add a New administrator user, please click into Add...
in my case, I will add to myself, then I write H* and click into Search
Then you must pass the user to the right side and select the appropriate role
Click Ok and save
Now you must logout and login with your new administrative user
Congrats, you have a new administrative user account into your infrastructure
No comments:
Post a Comment