Add, edit, and remove administrative group members

Prerequisite: You must be the IBM Directory Server administrator to perform this operation.

1. Expand the Server administration category in the navigation area of the Web administration tool and click Manage administrative group.
   Note:
   To change server configuration settings using the tasks in the Server administration category of the Web Administration tool, you must authenticate to the server as an i5/OS user profile that has *ALLOBJ and IOSYSCFG special authorities. This can be done by authenticating as a projected user with the password for that profile. To bind as a projected user from the Web administration tool, enter a username of the form os400-profile=MYUSERNAME,cn=accounts,os400-sys=MYSYSTEM.COM, where MYUSERNAME and the MYSYSTEM.COM strings are replaced with your user profile name and the configured system projection suffix, respectively.
2. On the Manage administrative group panel, click Add.
3. On the Add administrative group member panel:
   1. Enter the member's administrator DN (this must be a valid DN syntax).
   2. Enter the member's password.
   3. Enter the member's password again to confirm it.
   4. Optional: Enter the member's Kerberos ID. The Kerberos ID must be in either ibm-kn or ibm-KerberosName format. The values are case not case sensitive, for example, ibm-kn=root@TEST.ROCHESTER.IBM.COM is equivalent to ibm-kn=ROOT@TEST.ROCHESTER.IBM.COM.
4. Optional: enter the member's Digest-MD5 user name.
   Note:
   The Digest-MD5 user name is case sensitive.
5. Click OK.
6. Repeat this procedure for each member you want to add to the administrative group.

The member administrator DN, Digest-MD5 username, if specified, and Kerberos ID, if specified, are displayed in the Administrative group members list box.

To change or remove administrative group members, follow the same procedure as above but use the Edit and Delete buttons on the Manage administrative group panel.