Technical data
Specifying a Security Realm
Administration Guide 14-27
your ACLs, you can reduce the frequency with which you must refresh the information
in WebLogic Server. Changing the members of a Windows NT Group allows you to
manage individual Users’ access to WebLogic Server resources dynamically.
It is possible to use the Windows NT Security realm to authenticate against a Windows
2000 Active Directory primary domain controller. However, the authentication must
be from a machine which is a member of the domain not the domain controller itself.
There is no way to authenticate to the local User and Group store if the machine
running the Windows NT Security realm is a member of another domain.
The Windows NT Security realm can be run on the primary domain controller, on a
machine that is a member of a Windows NT domain, or on a machine that is a member
of the Windows NT domain and wants to use a mutually trusted domain.
To use the Windows NT Security realm:
1. Go to the Security
→Realms node in the left pane of the Administration Console.
2. In the right pane of the Administration Console, click the Configure a New NT
Realm link.
3. Configuring the Windows NT Security realm involves setting attributes that
define a name for the realm and the computer on which the Windows NT domain
is running. To specify a realm name and computer, you must define values for the
attributes shown the NT Realm Create window of the Administration Console.
The following table describes the attributes you set in the NT Realm
Configuration window.
4. To save your changes, click the Apply button.
5. When you have finished defining the attributes, reboot WebLogic Server.
Table 14-11 Windows NT Security Realm Attributes
Attribute Description
Name The name of the Windows NT Security realm, such as,
AccountingRealm
Primary Domain The host and port number of the computer where Users
and Groups are defined for the Windows NT domain. If
you enter multiple host and port numbers, use a comma
delineated list.