How to get the LDAP user on WAS
Hi,
I'm trying to configure WAS with an LDAP realm but I had many problems. My system info is: CLM 4.0.1, WAS 8.0 fixpack 05, OS Win Server 2008 R2.
As a first step I followed the instructions for enabling LDAP on WebSphere as described here: http://pic.dhe.ibm.com/infocenter/clmhelp/v4r0/topic/com.ibm.jazz.install.doc/topics/t_instl_config_ldap_on_was.html
I didn't understand the correct setup for the values in the section Advanced Lightweight Directory Access Protocol (LDAP) user registry settings for "User ID map", "Group ID map" and "Group member ID map".
I was able to connect to the LDAP server and set the "Standalone LDAP registry" as current, but when I try to retrieve the users and groups, I just got nothing. In this situation I tried to add a new valid LDAP user as administrator by "Management user roles" but the list of available users is always empty.
By the way, when I restart the WAS, I cannot log in anymore, I was totally lost....
Thank you very much in advance
Elvin
Accepted answer
In my experience the key is to get the LDAP Advanced properties in WAS and in the LDAP configuration right. I can only suggest following the link in the user registry setup page to http://www-01.ibm.com/support/docview.wss?uid=swg21445366 and testing your parameters. If you don't get them right, you will see no groups as you describe above. Also, there needs to be a group mapping in LDAP, so the LDAP user needs to have a group property that you have to map to allow RTC to retrieve the repository groups.
There are also several articles in the library. Find them with https://jazz.net/library/#tag=ldap . For example https://jazz.net/library/article/479 .
The administration workshop shows how to use Active Directory; the old upgrade workshop is a good source for how to set up LDAP on WAS too.
You need to get the group information into LDAP and you need to figure out the settings for the LDAP queries to actually get the required information, to make it work. Please also be aware that the IDs are case sensitive by default once you make WAS recognize groups and IDs.