The VMMSYNC cron task synchronizes users and groups between
the database and the federated VMM repository in WebSphere® Application
Server Network Deployment.
If you use WebSphere Application
Server Network Deployment,
then you must configure the VMMSYNC cron task to include the connection
information for your environment.
Procedure
- In the Cron Task Setup application, open the definition
for the VMMSYNC cron task.
- In the Cron Task Instances section, select Active and Keep
History, and then specify the maximum number of history
records.
- Update the XML for the UserMapping parameter.
- In the Parameters tab, open the
details for the UserMapping parameter.
- In the Value field, modify the
basedn attribute to match your environment. For example,
update the default value of ou=users,ou=SWG,o=IBM,c=US to
match the specific OU structure that is defined in your LDAP repository
to host user information, such as ou=myusers,o=myorg.org.
- Add or modify attributes to match attribute names that
are defined for each user record in the LDAP repository. Attributes
must be defined before they can be used in data mapping. Refer to
the database schema to determine whether an attribute is required.
Columns in the MAXUSER table that are specified as NOT NULL are required.
- Map new or changed attributes to specific columns in
the database.
- Update the XML for the GroupMapping parameter.
- In the Parameters tab, open the
details for the GroupMapping parameter.
- In the Value field, modify the
basedn attribute to match your environment.
- Add or modify attributes to match group attributes that
are defined for group records in the LDAP repository.
- Map new or changed attributes to specific columns in
the database.
- Map members into defined groups. The member attribute
must match the group member attribute that is defined in the LDAP
repository.
- Set a user ID and password for the cron task to use to
access the LDAP repository. This user ID must be defined
in the LDAP repository, but does not require any sort of update access.
- In the Parameters tab, open the
details for the Principal parameter.
- In the Value field, modify the
value to match the fully qualified name value from the LDAP repository,
for example cn=wasadmin,ou=myusers,o=myorg.org.
- In the Parameters tab, open the
details for the Credential parameter.
- In the Value field, modify the
value to match the password of the user ID that is specified in the Principal parameter.
- In the Parameters tab, open the
details for the UserSearchAttribute parameter
and modify the value to match the LDAP attribute that is used to query
user records.
- In the Parameters tab, open the
details for the GroupSearchAttribute parameter
and modify the value to match the LDAP attribute that is used to query
group records.
- Save the changes to the VMMSYNC cron task.