Configuring WAS with LDAP realm: impossible to change anymore the Primary administrative user name set up


Alberto Teodoro (6631734) | asked Aug 20 '12, 5:49 a.m.

Hi,

I'm trying to configure WAS with LDAP realm but I had many problems. My system info is: CLM 4.0, WAS 7.0 fixpack 23, DB2 9.7 and OS Win Server 2008 R2.

As a first step I followed the instructions for enabling LDAP on WebSphere as described here: http://pic.dhe.ibm.com/infocenter/clmhelp/v4r0/topic/com.ibm.jazz.install.doc/topics/t_instl_config_ldap_on_was.html

I didn't understand the correct setup for the values in the section Advanced Lightweight Directory Access Protocol (LDAP) user registry settings for "User ID map", "Group ID map" and "Group member ID map".

I was able to configure WAS with the LDAP realm, but I can no longer change the Primary administrative user name.

If I set up the Federated registry again, the Primary administrative user name wsadmin is no longer a valid user for the login and I have to log in again with the LDAP user defined.

In this situation I tried to add a new valid LDAP user as administrator through "Management user roles", but the list of available users is always empty.

Thank you very much in advance

Alberto


Comments
Karl Weinert commented Aug 20 '12, 10:14 a.m.
JAZZ DEVELOPER

Alberto, what is your end goal? It sounds like you want to end up using LDAP so it might be easiest to figure out how to fix the problems with LDAP rather than try to go back to a Federated Registry.


Alberto Teodoro commented Aug 20 '12, 10:41 a.m. | edited Aug 20 '12, 11:28 a.m.

Hi Karl, thanks for your interest. Yes! I would like to fix the problem in my WAS configuration for LDAP.

Now I was able to do a new configuration, by defining a new Primary administrative user name.

So I would like to add new users for WAS by looking in my LDAP dir, but the list of users is always empty when I try to add a new user through the management of user roles. Maybe I have a bad configuration set up in the personal settings for the 3 values of:

- User ID map
- Group ID map
- ID map

Thank you very much in advance for your help

Alberto


Karl Weinert commented Aug 20 '12, 2:03 p.m.
JAZZ DEVELOPER

I think you need to verify the settings under "Global security > Administrative user roles > Standalone LDAP registry > Advanced Lightweight Directory Access Protocol (LDAP) user registry settings". That is going to be difficult to troubleshoot without being able to see your settings. Can you open a PMR?
