Enabling File Viewer entitlement

After File Viewer is installed, you can give users and groups entitlement to use it.

About this task

You can give entitlement to the following:
  • One or several users
  • One or several groups
  • Everyone
To enable entitlement of File Viewer, log in to the WebSphere® Application Server administrative console and complete the steps in the following section.
Note:
  • The default is Everyone, so if you want to give entitlement to everyone, you can skip the remainder of this section.
  • Entitlement setting will be cleared after upgrading Connections Docs. You must redo the enabling steps after upgrading.

Procedure

  1. Enable group membership:
    1. Open a web browser and navigate to the Integrated Solutions Console.
      • https://DocsLab01.renovations.com:9043/ibm/console
    2. Go to Security > Global security.
    3. In the User Account Repositories section, ensure that Federated repositories is selected and click Configure.
    4. Click the LDAP Repository link under Repository Identifier. This entry corresponds to an entry created earlier in the installation procedure.
    5. Under Additional Properties, click LDAP entity types.
    6. Confirm that the objectclass for Group is valid in your LDAP. Common group attributes are provided in the following table:
      Table 1. Common group attributesThis table provides suggested default values for common group attributes.
      LDAP Server Type Accepted objectClasses member attributes
      IBM Lotus Domino
      • groupOfNames
      • dominoGroup
      		 member
      IBM Tivoli Directory Server groupOfUniqueNames uniquemember
    7. If changes are made, click OK, save the changes to the master configuration, and resynchronize the nodes.
  2. Set up the group attribute definition:
    1. Go to Security > Global security.
    2. In the User Account Repositories section, ensure that Federated repositories is selected and click Configure.
    3. Click the LDAP Repository link under Repository Identifier. This entry corresponds to an entry created earlier in the installation procedure.
    4. Under Additional Properties, click Group attribute definition.
    5. Under Additional Properties, click Member attributes.
    6. Confirm that the name matches the attribute name that defines the person entry within the group. This is commonly member. Common group and member attributes are provided in the previous table.
    7. If changes are made, click OK, save the changes to the master configuration, and resynchronize the nodes.
  3. Choose an entitlement option:
    Note: Currently there is only one entitlement level, entitledUser, that can be mapped to users, groups, or everyone. The default value is Everyone.
    1. Entitle everyone:
      1. Log in to the WebSphere Application Server administrative console: https://DocsLab01.renovations.com:9043/ibm/console
      2. Go to Application > Application Types > WebSphere enterprise applications.
      3. Click ViewerApp.
      4. Click Security role to user/group mapping.
      5. Select entitledUser.
      6. If you want everyone to access File Viewer, select Map Special Subjects > Everyone.
      7. Click OK.
      8. Save the changes to the master configuration.
      9. Resynchronize the nodes.
      10. Go to Application > Application Types > WebSphere enterprise applications
      11. Select ViewerApp.
      12. Stop and restart the File Viewer application. Check whether everyone can access File Viewer.
    2. Entitle users:
      1. Log in to the WebSphere Application Server administrative console: https://DocsLab01.renovations.com:9043/ibm/console
      2. Go to Application > Application Types > WebSphere enterprise applications.
      3. Click ViewerApp.
      4. Click Security role to user/group mapping .
      5. Select entitledUser.
      6. Select Map Special Subjects - none. Confirm that the special subjects column reflects None.
      7. Select entitledUser.
      8. Click Map Users.
      9. In the Search field, enter the user ID of the person you want to add and click Search. Available users are listed.
      10. Select the user and click the right arrow to add them to the list.
      11. Repeat the process until you have added all of the users that you want to entitle for File Viewer.
      12. Click OK.
      13. Save the changes to the master configuration.
      14. Resynchronize the nodes.
      15. Go to Application > Application Types > WebSphere enterprise applications.
      16. Select ViewerApp.
      17. Stop and restart the File Viewer application.
      18. Check whether the users specified can access File Viewer.
    3. Entitle groups:
      1. Log in to the WebSphere Application Server administrative console: https://DocsLab01.renovations.com:9043/ibm/console
      2. Go to Application > Application Types > WebSphere enterprise applications.
      3. Click ViewerApp.
      4. Click Security role to user/group mapping .
      5. Select entitledUser.
      6. Select Map Special Subjects - none. Confirm that the special subjects column reflects None.
      7. Select entitledUser.
      8. Click Map Users.
      9. In the Search field, enter the cn of the group you want to add and click Search. Available groups are listed.
      10. Select the group and click the right arrow to add them to the list.
      11. Repeat the process until you have added all of the groups that you want to entitle for File Viewer.
      12. Click OK.
      13. Save the changes to the master configuration.
      14. Resynchronize the nodes.
      15. Go to Application > Application Types > WebSphere enterprise applications.
      16. Select ViewerApp.
      17. Stop and restart the File Viewer application. Check whether the groups specified can access File Viewer.