This documentation is for WSO2 Identity Server 5.4.0 . View documentation for the latest release.

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Select the User store manager that suits your user store. 
    The following table lists the available User store manager implementations and their usage:

    User storeUser store manager classDescription

    LDAP ActiveDirectory

    org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManagerUsed to do read-only operations for external LDAP or ActiveDirectory user stores.
    LDAPorg.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManagerUsed for external LDAP user stores to do both read and write operations.This is the default primary user store configuration in user-mgt.xml file for WSO2 Identity Server.
    ActiveDirectoryorg.wso2.carbon.user.core.ldap.ActiveDirectoryUserStoreManagerUsed to configure an Active Directory Domain Service (AD DS) or Active Directory Lightweight Directory Service (AD LDS). This can be used only for read/write operations. If you need to use AD as read-only, you must use org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager.
    JDBCorg.wso2.carbon.user.core.jdbc.JDBCUserStoreManagerUsed for JDBC user stores. This is the default primary user store configuration in user-mgt.xml file for all WSO2 Servers, except WSO2 Identity Server.

    Or you can configure your own custom user store manager as well

  2. Configure user store manager properties.
    In the following pages, you can find the information on the properties that you need to configure in user store manager types. It provides the additional steps and recommendations specific to each user store manager.

    In user-mgt.xml file, there are configurations for each user store manager, you can simply uncomment the correct user store configuration and fill the properties (All the other UserStoreManager configurations should be commented out or removed). But it is important to read each user store configuration document to find specific information that you need to follow when configuring particular user store.

    Info

    For primary user store you need to set TenantManager property under user store manager properties:

    JDBC : org.wso2.carbon.user.core.tenant.JDBCTenantManager

    LDAP/AD : org.wso2.carbon.user.core.tenant.CommonHybridLDAPTenantManager

    Info

    This is only applicable to the WSO2 Identity Server. Once you configure the primary user store, make sure you disable the default embedded user store from the system. To do this, open <IS_HOME>/repository/conf/identity/embedded-ldap.xml file and make the following change to the enable property.

    Code Block
    languagexml
    <EmbeddedLDAP>
        <Property name="enable">false</Property>
        .......................
    </EmbeddedLDAP>
    Note
    Warning

    Server system administrator who is capable of all the actions in the system is configured within the user-mgt.xml. If you have not configured the system administrator yet, see Configuring the System Administrator.

  3. Now, restart the server.