Hi,

I'm trying to get WebSphere Portal 5.0 up-and-running with
LDAP, specifically OpenLDAP (slapd).

Has anyone got experience with this?
OpenLDAP not listed as a supported LDAP but can it work?

My problem is that:

./WPSconfig.sh enable-security-ldap

results in following error message (in the log):

com.ibm.wps.command.xml. XmlCommandServlet$AuthorizationException
:
XMLC0007E: ... message in dutch stating that no user with ID
wpsadmin can be found ....

The command "./WPSconfig.sh validate-ldap" works fine.

Silvain

[ Post a follow-up to this message ]

Silvain,
since OpenLDAP is not listed as supported directory, I do not think it
is possible to use OpenLDAP. This is because the configuration is not
prepared to configure portal for OpenLDAP. In addition, if you use an
unsupported directory, you will not get support in case you have any
problems with portal.

Oliver

[ Post a follow-up to this message ]

I finally got it working, i.e. OpenLDAP with WebSphere Portal.
So it is possible, but you are of course right with regard of
support ....

Silvain

"Oliver Meyer" <meyer_oliver@gmx.de> wrote in message
news:ch246j$6se2$1@news.boulder.ibm.com...
> Silvain,
> since OpenLDAP is not listed as supported directory, I do not think it
> is possible to use OpenLDAP. This is because the configuration is not
> prepared to configure portal for OpenLDAP. In addition, if you use an
> unsupported directory, you will not get support in case you have any
> problems with portal.
>
> Oliver

[ Post a follow-up to this message ]

Silvain Piree wrote:
> I finally got it working, i.e. OpenLDAP with WebSphere Portal.
> So it is possible, but you are of course right with regard of
> support ....
>

Whould you mind sharing your experience with us? What where the main issues?

[ Post a follow-up to this message ]

Rob,

here are main issues (thanks to an email I got from someone else):
- added new schema to OpenLDAP for extra attribute types
and object classes (so we can treat it as IBM Directory Server)
- added attribute type 'ibm-appUUID' to this new schema,
see http://publib.boulder.ibm.com/tividd/td/IBMDS/
IDSschema52/en_US/HTML/schema.html#ibm-appuuidaux
- added object class 'ibm-appUUIDAux' to this new schema,
see http://publib.boulder.ibm.com/tividd/td/IBMDS/
IDSschema52/en_US/HTML/schema.html#ibm-appuuid
- made sure core.schema, corba.schema, cosine.schema and
inetorgperson.schema were included in slapd.conf file (in
addition to the new schema)
- added "users" group, "groups" group and entries for "wpsadmin",
"wpsbind" and "wpsadmins" to OpenLDAP using LDIF
- in wpconfig.properties made appropriate changes as if using
IBM Directory Server

Note: as pointed out this is not supported by IBM, so you'll
probably not get any support from them when using this.

Silvain

"Rob" <robertb.nospam@axium.com> wrote in message
news:ch4p97$60q4$1@news.boulder.ibm.com...
> Silvain Piree wrote: 
>
> Whould you mind sharing your experience with us?
> What where the main issues?

[ Post a follow-up to this message ]

Hi Silvain,
I am trying to config OpenLdap as WPS user registry.
But the WPSConfig process would not succeed, getting errmsg:
com.ibm.websphere.wmm.exception.WMMSystemException:
????????????¡¤???????¡À¨º????
at com.ibm.ws.wmm.MemberRepositoryManager.
getMember(MemberRepositoryManager.java:3362)
at com.ibm.ws.wmm.MemberRepositoryManager.
getMember(MemberRepositoryManager.java:3161)

in ldap console i got error msg:
....
connection_read(1108): checking for input on id=1
ber_get_next
ber_get_next: tag 0x30 len 176 contents:
ber_get_next
ber_get_next on fd 1108 failed errno=10035 (WSAEWOULDBLOCK)
do_search
ber_scanf fmt ({miiiib) ber:
....

My Environment is : Windows 2003/Openldap 2.2/WPS 5.1
2004-9-3 15:52:48
Silvain Piree <s.piree@enneya.com> wrote in message
<ch982m$58qi$1@news.boulder.ibm.com>
[vbcol=seagreen]
> Rob,
>
> here are main issues (thanks to an email I got from someone else):
> - added new schema to OpenLDAP for extra attribute types
>    and object classes (so we can treat it as IBM Directory Server)
> - added attribute type 'ibm-appUUID' to this new schema,
>    see http://publib.boulder.ibm.com/tividd/td/IBMDS/
>          IDSschema52/en_US/HTML/schema.html#ibm-appuuidaux
> - added object class 'ibm-appUUIDAux' to this new schema,
>    see http://publib.boulder.ibm.com/tividd/td/IBMDS/
>          IDSschema52/en_US/HTML/schema.html#ibm-appuuid
> - made sure core.schema, corba.schema, cosine.schema and
>    inetorgperson.schema were included in slapd.conf file (in
>    addition to the new schema)
> - added "users" group, "groups" group and entries for "wpsadmin",
>    "wpsbind" and "wpsadmins" to OpenLDAP using LDIF
> - in wpconfig.properties made appropriate changes as if using
>    IBM Directory Server
>
> Note: as pointed out this is not supported by IBM, so you'll
> probably not get any support from them when using this.
>
> Silvain
>
> "Rob" <robertb.nospam@axium.com> wrote in message
> news:ch4p97$60q4$1@news.boulder.ibm.com... 

[ Post a follow-up to this message ]

Check here for some more detailed instructions.

http://hostmaster.marketgroups.com/~gdaswani/websphere/

there's no reason to add ibm-appUUID, as openldap has an entryUUID
attribute.

George

"Weichun Qian" <wchqian@263.net> wrote in message
news:d2j9i0$3iei$1@news.boulder.ibm.com...[vbcol=seagreen]
> Hi Silvain,
>   I am trying to config OpenLdap as WPS user registry.
>   But the WPSConfig process would not succeed, getting errmsg:
> com.ibm.websphere.wmm.exception.WMMSystemException:
> ????????????¡¤???????¡À¨º????
>  at com.ibm.ws.wmm.MemberRepositoryManager.
> getMember(MemberRepositoryManager.java:3362)
>  at com.ibm.ws.wmm.MemberRepositoryManager.
> getMember(MemberRepositoryManager.java:3161)
>
> in ldap console i got error msg:
> ....
> connection_read(1108): checking for input on id=1
> ber_get_next
> ber_get_next: tag 0x30 len 176 contents:
> ber_get_next
> ber_get_next on fd 1108 failed errno=10035 (WSAEWOULDBLOCK)
> do_search
> ber_scanf fmt ({miiiib) ber:
> ....
>
> My Environment is : Windows 2003/Openldap 2.2/WPS 5.1
> 2004-9-3 15:52:48
> Silvain Piree <s.piree@enneya.com> wrote in message
> <ch982m$58qi$1@news.boulder.ibm.com>
> 

[ Post a follow-up to this message ]