It's all about the answers!

Ask a question

WAS Global Security Setup for IBM Bluepages please.


Thomas Loeber (62237950) | asked May 27 '13, 7:09 a.m.
JAZZ DEVELOPER
I'm asking on  this forum if anyone has detailed information on how to setup Jazz authentication on WAS for using IBM Bluepages and Blue Groups.   I'm trying to set this up through the WAS console Security->Global Security using the Stand Alone LDAP registry dialogs.  Specifically I need the configuration details and the advanced settings.  if someone could post that here, it would be great and send it to me via an IBM email.  I've searched through the forum posts but haven't been able to glean what I need from the many posts. 
Thanks

One answer



permanent link
KrishnaKanth Naik (76511015) | answered May 27 '13, 8:24 a.m.
JAZZ DEVELOPER
 Hello Thomas

We have an internal technote that explains the process. If you have access to DCF database, you could search for Internal Technote#1322153 to get the procedure

Comments
Thomas Loeber commented May 27 '13, 9:35 a.m.
JAZZ DEVELOPER

Thank you for this pointer.  I went through this setup on WAS and restarted the server. When I tried to map my blue groups to the jts roles that are defined (Like JazzAdmin) my search returned nothing but this message.
The selected realm cannot be accessed at this time. You might need to start the server. Otherwise, you can use the following fields to add users by their unique user IDs.


Thomas Loeber commented May 27 '13, 10:34 a.m.
JAZZ DEVELOPER

One more piece of information is that once I followed the instructions that Krishna provided, I am able to log in to the WAS console using my LDAP identity in Bluepages, so the realm seems to be configured properly. I am just unable to map my LDAP Bluepage groups to the JTS roles because the search returns the message I provided  in my previous post.


Thomas Loeber commented May 28 '13, 8:22 a.m.
JAZZ DEVELOPER

Perhaps if someone could send me the actual screen shots from the WAS console of their Security->Global Security->Stand Alone LDAP registry configuration and the advanced LDAP user registry settings.  I'm using WAS 7.0. These are my settings.
Standalone LDAP registry.  (This is set as current)
Endbled: Automatically generated server identity
Type of LDAP server: Custom
Host: bluepages.ibm.com
Port: 389
Base distinguished Name: o=ibm.com
Enabled: Reuse connection
Enabled: Ignore case for authorization

Advanced LDAP settings.
User filter: (mail=%v1)
Group Filter: (uniquemember={0})
User ID map:  :mail
Group ID map: 
:cn
Group member ID map:  ibm-allGroups:member;ibm-allGroups:uniqueMember
Disabled:  Perform a nested group search


KrishnaKanth Naik commented May 29 '13, 8:11 a.m.
JAZZ DEVELOPER

 Hello Thomas

I found another developer works article that has a very descriptive configuration and instructions. This has all the configuration details too.



Kevin Ramer commented Jun 13 '14, 2:05 p.m.

Anyone ever seen or more importantly solved "The selected realm cannot be accessed at this time." ?  I'm trying to migrate an upgraded ( 4.0.6 ) CLM into WebSphere 8.X.  I chatted with Tom who did solve, but he couldn't find the reference to share.


Rob Logie commented Jun 19 '14, 2:04 a.m.

Hi
I too have run into this problem, "The selected realm cannot be accessed at this time." error while trying to configure WAS with bluepages for RTC.  As above I can login to WAS console with intranet id, but if I get the error when searching for users when trying to add more admin users.
Does anyone have a solution to this problem ?

thanks in advance

- Rob


Rob Logie commented Jun 19 '14, 3:24 a.m.

I think I may have a solution based on the fix in this. http://www-01.ibm.com/support/docview.wss?uid=swg1PM03403

I changed the setting from the trust below option to trust all saved it, then changed back to trust below and saved it.
The problem then seemed to go away and I could search for IDs without getting the error.  Very strange

showing 5 of 7 show 2 more comments

Your answer


Register or to post your answer.


Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.