Create a realm administrator

To create a realm administrator, you must first create an administration group for the realm by doing the following:

  1. Create the realm administration group.
    1. Expand the Directory management category in the navigation area of the Web administration tool.
    2. Click Manage entries.
    3. Expand the tree and select the realm you just created, cn=realm1,o=ibm,c=us.
    4. Click Edit ACL.
    5. Click the Owners tab.
    6. Ensure that Propagate owner is checked.
    7. Enter the DN for the realm, cn=realm1,o=ibm,c=us.
    8. Change the Type to group.
    9. Click Add.
  2. Create the administrator entry. If you do not already have a user entry for the administrator, you must create one.
    1. Expand the Directory management category in the navigation area of the Web administration tool.
    2. Click Manage entries.
    3. Expand the tree to the location where you want the administrator entry to reside.
      Note:
      Locating the administrator entry outside of the realm avoids giving the administrator the ability to accidently delete him or herself. In this example the location might be o=ibm,c=us.
    4. Click Add.
    5. Select the Structural object class, for example inetOrgPerson.
    6. Click Next.
    7. Select any auxiliary object class you want to add.
    8. Click Next.
    9. Enter the required attributes for the entry. For example,
      • RDN cn=JohnDoe
      • DN o=ibm,c=us
      • cn John Doe
      • sn Doe
    10. On the Other attributes tab ensure that you have assigned a password.
    11. When you are done, click Finish.
  3. Add the administrator to the administration group.
    1. Expand the Directory management category in the navigation area of the Web administration tool.
    2. Click Manage entries.
    3. Expand the tree and select the realm you just created, cn=realm1,o=ibm,c=us.
    4. Click Edit attributes.
    5. Click the Members tab.
    6. Click Members.
    7. In the Members field enter the DN of the administrator, in this example cn=John Doe,o=ibm,c=us.
    8. Click Add. The DN is displayed in the Members list.
    9. Click OK.
    10. Click Update. The DN is displayed in the Current members list.
    11. Click OK.
  4. You have created an administrator that can manage entries within the realm.