From 07e621c47edb36460c1e54c9514afaa463b49b03 Mon Sep 17 00:00:00 2001 From: rusirijayodaillesinghe Date: Fri, 1 Nov 2024 20:38:40 +0530 Subject: [PATCH] Fixes #8439 and #8597 --- .../configuring-a-read-only-ldap-user-store.md | 10 ---------- ...-a-read-write-active-directory-user-store.md | 7 ------- .../configuring-a-read-write-ldap-user-store.md | 17 +++++++---------- .../configuring-the-primary-user-store.md | 9 +++++---- 4 files changed, 12 insertions(+), 31 deletions(-) diff --git a/en/docs/administer/managing-users-and-roles/managing-user-stores/configure-primary-user-store/configuring-a-read-only-ldap-user-store.md b/en/docs/administer/managing-users-and-roles/managing-user-stores/configure-primary-user-store/configuring-a-read-only-ldap-user-store.md index a04e1540b5..73636ca7ef 100644 --- a/en/docs/administer/managing-users-and-roles/managing-user-stores/configure-primary-user-store/configuring-a-read-only-ldap-user-store.md +++ b/en/docs/administer/managing-users-and-roles/managing-user-stores/configure-primary-user-store/configuring-a-read-only-ldap-user-store.md 
@@ -1,15 +1,5 @@ # Configuring a Read-Only LDAP User Store -User management functionality is provided by default in all WSO2 Carbon-based products and is configured in the `deployment.toml` file found in the `/repository/conf/` directory and the changes will be automatically applied to `user-mgt.xml` file in `/repository/conf/` directory as well. This file is shipped with user store manager configurations for all possible user store types (JDBC, read-only LDAP/Active Directory, read-write LDAP and read-write Active directory). The instructions given below explains how to configure a read-only LDAP as the primary user store for the WSO2 server. - -!!! info - The default User Store - - The primary user store that is configured by default in the user-mgt.xml file is a JDBC user store, which reads/writes into the internal database of the product server. By default, the internal database is H2 for all WSO2 products excluding the Identity Server. - - - Note that the RDBMS used in the default configuration can remain as the database used for storing Authorization information. - Follow the given steps to configure a read-only LDAP/AD as the primary user store: - [Step 1: Setting up the read-only LDAP/AD user store manager](#ConfiguringaRead-OnlyLDAPUserStore-Step1:Settinguptheread-onlyLDAP/ADuserstoremanager) diff --git a/en/docs/administer/managing-users-and-roles/managing-user-stores/configure-primary-user-store/configuring-a-read-write-active-directory-user-store.md b/en/docs/administer/managing-users-and-roles/managing-user-stores/configure-primary-user-store/configuring-a-read-write-active-directory-user-store.md index 0961bd17fc..5ecac923d4 100644 --- a/en/docs/administer/managing-users-and-roles/managing-user-stores/configure-primary-user-store/configuring-a-read-write-active-directory-user-store.md +++ b/en/docs/administer/managing-users-and-roles/managing-user-stores/configure-primary-user-store/configuring-a-read-write-active-directory-user-store.md 
@@ -1,12 +1,5 @@ #Configuring a Read-Write Active Directory User Store -!!! info - The default User Store - - The primary user store that is configured by default in the `user-mgt.xml` file is a JDBC user store, which reads/writes into the internal database of the product server. By default, the internal database is H2 for all WSO2 products excluding WSO2 Identity Server. - - Note that the RDBMS used in the default configuration can remain as the database used for storing Authorization information. - Follow the given steps to configure an external Active Directory as the primary user store: - [Step 1: Setting up the external AD user store manager](#step-1-setting-up-the-external-ad-user-store-manager) diff --git a/en/docs/administer/managing-users-and-roles/managing-user-stores/configure-primary-user-store/configuring-a-read-write-ldap-user-store.md b/en/docs/administer/managing-users-and-roles/managing-user-stores/configure-primary-user-store/configuring-a-read-write-ldap-user-store.md index 38fb0d4ae4..e710248e0b 100644 --- a/en/docs/administer/managing-users-and-roles/managing-user-stores/configure-primary-user-store/configuring-a-read-write-ldap-user-store.md +++ b/en/docs/administer/managing-users-and-roles/managing-user-stores/configure-primary-user-store/configuring-a-read-write-ldap-user-store.md 
@@ -1,16 +1,13 @@ # Configuring a Read-Write LDAP User Store -User management functionality is provided by default in all WSO2 Carbon-based products and is configured in the `deployment.toml` file found in the `/repository/conf/` directory and the changes will be automatically applied to `user-mgt.xml` file in `/repository/conf/` directory as well. This file is shipped with user store manager configurations for all possible user store types (JDBC, read-only LDAP/Active Directory, read-write LDAP and read-write Active directory). The instructions given below explains how to configure a read-write LDAP as the primary user store for the WSO2 server. - -!!! info - The default User Store - - The primary user store that is configured by default in the user-mgt.xml file of WSO2 products is a JDBC user store, which reads/writes into the internal database of the product server. By default, the internal database is H2. This database is used by the Authorization Manager (for user authentication information) as well as the User Store Manager (for defining users and roles). In the case of the WSO2 Identity Server, the default user store is an LDAP (Apache DS) that is shipped with the product. +Follow the given steps to configure a read-write LDAP as the primary user store: +!!! info "Note" - Note that the RDBMS used in the default configuration can remain as the database used for storing Authorization information. + While the default primary user store of WSO2 API Manager is a JDBC usser store, WSO2 Identity server 5.11.0 is shipped with a Read-Write LDAP as the primary user store. + While the user has the freedom to choose any Read-Write LDAP, in this guide WSO2 Identity Server is used as the Read-Write LDAP. + Hence in this guide it is assumed that WSO2 Identity Server 5.11.0 is up and running with the port offset = 1. 
-Follow the given steps to configure a read-write LDAP as the primary user store: - [Step 1: Setting up the read-write LDAP user store manager](#ConfiguringaRead-WriteLDAPUserStore-Step1:Settinguptheread-writeLDAPuserstoremanager) - [Step 2: Updating the system administrator](#ConfiguringaRead-WriteLDAPUserStore-Step2:Updatingthesystemadministrator) @@ -58,7 +55,7 @@ Before you begin UserRolesCacheEnabled= "true" ConnectionRetryDelay= "2m" ``` -- The `class` attribute for a read-write LDAP is `` +- If you are using the WSO2 Identity server as the Read-Write LDAP, the `class` attribute is `` ``` [user_store] class="org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager" @@ -177,7 +174,7 @@ The configuration for the external read/write user store in the `user-mgt.xml` f MembershipAttribute = "member" ``` - To read roles based on a backlink attribute, use thefollowingcodesnipetinsteadofthe above: + To read roles based on a backlink attribute, use the following code snipet instead of the above: ``` ReadGroups = "false" diff --git a/en/docs/administer/managing-users-and-roles/managing-user-stores/configure-primary-user-store/configuring-the-primary-user-store.md b/en/docs/administer/managing-users-and-roles/managing-user-stores/configure-primary-user-store/configuring-the-primary-user-store.md index 0f5b9803ab..b3ccecff2c 100644 --- a/en/docs/administer/managing-users-and-roles/managing-user-stores/configure-primary-user-store/configuring-the-primary-user-store.md +++ b/en/docs/administer/managing-users-and-roles/managing-user-stores/configure-primary-user-store/configuring-the-primary-user-store.md 
@@ -2,13 +2,14 @@ This documentation explains the process of setting up a primary user store for your system. -!!! info - **The default User Store** +!!! info "The default User Store" - The primary user store that is configured by default, is a JDBC user store, which reads/writes into an internal database. By default, the internal database is H2. This database is used by the Authorization Manager (for user authorization information) as well as, the User Store Manager (for defining users and roles). + The primary user store in of WSO2 products is configured by default as a JDBC user store in the user-mgt.xml file, which reads/writes into the internal database of the product server. This internal database is typically H2 by default. This database is used by both the Authorization Manager (for managing user authentication data) and the User Store Manager (for defining users and roles). + In the case of the WSO2 Identity Server 5.11.0, the default user store is an LDAP (Apache DS) that is shipped with the product. + Note that the RDBMS used in the default configuration can remain as the database used for storing Authorization information. -Instead of using the embedded database, you can set up a separate repository and configure it as your primary user store. Since the user store you want to connect to might have different schemas from the ones available in the embedded user store, it needs to go through an adaptation process. We do the necessary adaptations depending on the user store type. We support the following primary user store types. +Instead of using the embedded database in WSO2 API Manager, you can set up a separate repository and configure it as your primary user store. Since the user store you want to connect to might have different schemas from the ones available in the embedded user store, it needs to go through an adaptation process. We do the necessary adaptations depending on the user store type. We support the following primary user store types.
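Review bot: in configuring-a-read-only-ldap-user-store.md (@@ -1,15 +1,5 @@), the deleted opening paragraph was the only place in the visible top of the page that said the user store is configured in `deployment.toml` and that the changes are applied to `user-mgt.xml`. Dropping the info box is reasonable now that configuring-the-primary-user-store.md carries it, but the page now opens directly on "Follow the given steps" with no statement of which file is being edited. Keep a one-sentence version of that pointer, or link to the primary user store page.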
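Review bot: in configuring-a-read-write-active-directory-user-store.md (@@ -1,12 +1,5 @@), the heading context line `#Configuring a Read-Write Active Directory User Store` has no space after `#`, unlike the `# Configuring a ...` headings in the two LDAP files touched by this patch. Since this hunk already edits the top of the file, add the space so the heading is consistent with the others and is a valid ATX heading under CommonMark.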
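Review bot: in configuring-a-read-write-ldap-user-store.md (@@ -1,16 +1,13 @@), moving "Follow the given steps to configure a read-write LDAP as the primary user store:" above the new note separates that sentence from the step list it introduces; put the note first and keep the sentence directly above the `- [Step 1: ...` links. In the added note, "usser store" should be "user store", and "WSO2 Identity server" should be "WSO2 Identity Server" to match the other two occurrences in the same note. The assumption "port offset = 1" is stated but not tied to anything the reader configures; say which connection setting it affects so the dependency is explicit.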
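Review bot: in configuring-a-read-write-ldap-user-store.md (@@ -58,7 +55,7 @@), the new condition "If you are using the WSO2 Identity server as the Read-Write LDAP" implies that a different `class` applies to other read-write LDAP servers, but the value shown is still `org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager` and no alternative is given. Either keep the unconditional wording of the removed line or state what changes for another LDAP. The sentence also still ends in an empty inline code span (the two backticks after "is"); put the class name in it or end the sentence with a colon before the code block.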
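Review bot: in configuring-a-read-write-ldap-user-store.md (@@ -177,7 +174,7 @@), the added line fixes the run-together words but leaves "snipet" misspelled; it should read "use the following code snippet instead of the above:".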
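Review bot: in configuring-the-primary-user-store.md (@@ -2,13 +2,14 @@), the rewritten info box describes the Authorization Manager as "(for managing user authentication data)", where the removed line said "(for user authorization information)" and the last line of the same box still refers to "storing Authorization information". This reads as an unintended change of meaning; restore "authorization" unless the component really stores authentication data. In the same added line, "The primary user store in of WSO2 products" has a stray "in", "typically H2 by default" is redundant, and `user-mgt.xml` should be in backticks as it is in the other files.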