Migrating to an LDAP directory

This task is part of setting up and using LDAP.

Migrating to LDAP has significant implications for your group and user configuration information. Make sure you understand these implications before you migrate.

To migrate users and groups to an LDAP directory, click Directory Service in the Administration window and click Migrate Configuration to Directory Service.

If a group or user already exists in the LDAP directory, the information from the Z and I Emulator for Web data store is not written for that particular group or user. Also, if a user is a member of multiple groups in the Z and I Emulator for Web data store, the user will be assigned to only one of those groups in the LDAP directory.

During migration, log messages are written to standard output, which is typically the browser's Java console. Additionally the log messages are saved in a log file ( ldap.log) in the private directory of the Z and I Emulator for Web server.

If the migration program ends prematurely, for example, because of a network failure, you can select this option and run the migration program again. After successful migration, the Migrate Configuration to Directory Service check box is automatically cleared. Simply select it and click Apply, and the migration process will begin again.

Notes:

  • Migrating on an iSeries can be a lengthy process, sometimes taking up to 40 minutes to complete. Z and I Emulator for Web will only show that the system is busy. Please be patient.
  • Defining a large number of users can significantly slow down Z and I Emulator for Web server. It is recommended that you limit the maximum number of users in any one group to be in the range of 50 to 100.
  • If the administrator log on fails when enabling LDAP using a Netscape LDAP server, disable UID uniqueness, restart the ZIEWeb Service Manager and re-enable LDAP.

To disable UID uniqueness in Netscape LDAP Server:

  1. Go to the Configuration tab and expand the plugins item. The last item should be UID uniqueness.
  2. Select UID uniqueness and you will see a checkbox labeled "Enabled".
  3. Clear the UID uniqueness checkbox.
  4. Restart the LDAP server.

Related topics