• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Ron McLeod
  • Liutauras Vilda
  • Bear Bibeault
Sheriffs:
  • Jeanne Boyarsky
  • Tim Cooke
  • Devaka Cooray
Saloon Keepers:
  • Tim Moores
  • Tim Holloway
  • Piet Souris
  • salvin francis
  • Stephan van Hulst
Bartenders:
  • Frits Walraven
  • Carey Brown
  • Jj Roberts

questions regarding LDAP repository & Websphere

 
Ranch Hand
Posts: 3851
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I've configured Apache Directory with WebSphere Application Server & it seems to be working. I can login with a username & password which is present in Apache Directory. The questions I have are:
1. Apache Directory had a built in user uid=admin (DN: uid=admin,ou=system) - I used this user as a Primary Administrative User Name while configuring LDAP repository in WAS console - now the issue is that I can only login with this user. Although I've created other users at the same level in Apache Directory, they won't work...
2. The user id I have to use for login is uid=admin,ou=system which is DN (distinguished name), I was wondering if I could use just admin (uid) instead?

Thanks in advance.

 
ankur rathi
Ranch Hand
Posts: 3851
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
This question seems specific to Websphere now.

I figured out answer for 2nd question. In Advanced Lightweight Directory Access Protocol (LDAP) user registry settings, there is a property called User Filter, it had following value previously -
(&(uid=%v)(objectclass=ePerson))

When I looked into Apache Directory, there was no object class with name ePerson, instead the object class name was person so I changed this value to -
(&(uid=%v)(objectclass=person))

Now I can use just 'admin' as username for login - no need for complete DN (uid=admin,ou=system).
 
ankur rathi
Ranch Hand
Posts: 3851
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Can some mod please move this thread to Websphere forum? Thanks.

 
ankur rathi
Ranch Hand
Posts: 3851
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Okay, now I could login with other users also. I'll tell you what did I do -

Go to Users and Groups > Administrative User Roles
Here, I added those users with appropriate roles (administrator or operator or whatever), these users has to be present in LDAP repository (else you can’t add them here).
Now I am able to login with other users also (which I’ve just added)…

This is fine but what I wanted was that I don’t use websphere admin console to add users – guess there should be some way to do all this in LDAP repository itself…


 
Hold that thought. Tiny ad:
Thread Boost feature
https://coderanch.com/t/674455/Thread-Boost-feature
reply
    Bookmark Topic Watch Topic
  • New Topic