Disabling nested groups search

Improve LDAP performance by disabling nested groups search when the Sametime® client authenticates with the WebSphere® Application Server.

Procedure

  1. On the deployment manager for the SIP Proxy/Registrar (this is typically the Sametime System Console), open a command window and run the wsadmin command.

    For example, on Linux™ enter:

    DMgr_install_root/profiles/DMgr_profile/bin/wsadmin.sh -user WAS_admin_name -password WAS_admin_password

  2. At the wsadmin command prompt, disable nested group searches by running the following two commands:
    $AdminTask configureAdminWIMUserRegistry {-customProperties
 {"com.ibm.ws.wim.registry.grouplevel=1"} }

$AdminConfig save
    Note: The custom property com.ibm.ws.wim.registry.grouplevel is added to the user registry object with the value of the group level set to 1, which retrieves only first-level groups. If you do not set the value of the group level, the default value of 0 is used, which retrieves all nested groups.
  3. Exit the wsadmin command window by entering this command:

    quit

  4. Synchronize the nodes in the SIP Proxy/Registrar cluster:
    1. Still working on the computer hosting the deployment manager, log on to the WebSphere Integrated Solutions console as the WebSphere administrator.
    2. Click System Administration > Nodes.
    3. In the nodes table, click Full Resynchronize.