Step 1:
Start Portal Server
Log in to Application Server - Integrated Solutions Console
Go to Security > Global Security
Click on Configure
Note: Make sure Federated Repository is selected
Step 2:
On Federated repositories screen click "Add base entry to realm"
On Repository reference screen click on "Add repository"
Provide
Repository identifier : mytechuserbase
Directory type : IBM Tivoli Directory Server
Primary host name : localhost
Port : 389
Bind distinguished name : cn=root
Note : make sure this user exists in LDAP and has rights to modify LDAP entries
Bind password : root
Click on 'Ok' button
After that, provide the following information in the current window:
Distinguished name of a base entry that uniquely identifies this set of entries in the realm
dc=mytech,dc=com
Distinguished name of a base entry in this repository
dc=mytech,dc=com
Click on 'ok' button
Click on 'Save' link
Step 3:
Click on the "Supported entity types" link and modify the 'Group' and 'PersonAccount' values to
cn=groups,dc=mytech,dc=com and cn=users,dc=mytech,dc=com respectively
Step 4:
Restart the portal server for the changes to take effect
Test the LDAP setup:
Log in to Application Server - Integrated Solutions Console
Create a user/group and validate the same user/group details in the LDAP server through an LDAP browser or the IDSWebApp application.
Installation steps for Tivoli Directory Server Web Administration Tool:
1) Make sure the Db2 and TDS instances are running
2) Start the server1 profile
3) Deploy and start IDSWebApp.war
4) Open the IDSWebApp application at http://portal.mytech.com:10000/IDSWebApp/IDSjsp/Login.jsp. The default username and password are superadmin/secret
5) Make cn=root the super user for the domain (dc=mytech,dc=com)
6) Since we will be configuring a Federated repository, we need to remove the users wpsadmin and wpsbind and the group 'wpsadmins' from LDAP, as these are already available in the portal server.
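The cleanup in item 6 can be checked before federating. The following is an added example, not part of the original post: it scans an LDIF export of the directory for entries under dc=mytech,dc=com whose uid or cn is wpsadmin, wpsbind or wpsadmins, handling folded lines and base64-encoded values. The sample LDIF is constructed and the function names are hypothetical.

```python
import base64

# Assumption: these are the names the post says already exist in the portal.
RESERVED = {"wpsadmin", "wpsbind", "wpsadmins"}
BASE_DN = "dc=mytech,dc=com"
# Constructed sample export, not taken from a real directory.
SAMPLE_LDIF = """\
dn: uid=wpsadmin,cn=users,dc=mytech,dc=com
uid: wpsadmin

dn: uid=jdoe,cn=users,dc=mytech,dc=com
uid: jdoe

dn: cn=wpsadmins,cn=groups,dc=mytech,dc=com
cn:: d3BzYWRtaW5z

dn: uid=wpsbind,cn=users,
 dc=mytech,dc=com
uid: wpsbind
"""

def parse_ldif(text):
    """Yield (dn, attrs) per entry; undoes line folding and decodes base64."""
    unfolded = text.replace("\r\n", "\n").replace("\n ", "")
    entry = {}
    for line in unfolded.split("\n") + [""]:   # trailing "" flushes last entry
        if not line.strip():
            if "dn" in entry:
                yield entry["dn"][0], entry
            entry = {}
        elif not line.startswith("#"):
            attr, _, value = line.partition(":")
            if value.startswith(":"):          # "attr:: <base64 value>"
                value = base64.b64decode(value[1:].strip()).decode("utf-8")
            entry.setdefault(attr.lower(), []).append(value.strip())

def find_collisions(ldif_text, base_dn=BASE_DN, reserved=RESERVED):
    """Return (name, dn) for entries under base_dn whose uid or cn is reserved."""
    hits = []
    for dn, attrs in parse_ldif(ldif_text):
        if dn.lower().replace(" ", "").endswith(base_dn):
            names = {v.lower() for a in ("uid", "cn") for v in attrs.get(a, [])}
            hits += [(name, dn) for name in sorted(names & reserved)]
    return hits

if __name__ == "__main__":
    for name, dn in find_collisions(SAMPLE_LDIF):
        print("remove before federating:", name, "->", dn)
```

An empty result means none of the three names remain under the base entry.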
Hi there,
I am trying to do these steps using responsive files. However, I screwed up the global security after enabling the security. I can't restart ND anymore. So I disabled the security by changing the XML.
I suspect the root cause of my problem is
Bind distinguished name : cn=root Note : make sure this user exist in ldap and has rights to modify ldap entry
This cn=root comes by default in LDAP, doesn't it? I don't get any search result for it. Do I need to do something?
Is it because I didn't do the following prior to the federation?
5) Make cn=root as super user for domain (dc=mytech,dc=com)
6) Since we will be configuring Federated repository, we need to remove user's wpsadmin,wpsbind and group 'wpsadmins' from LDAP as these are already available in portal server.
Your post is very helpful so I am going to try it out tomorrow.
I would appreciate it if you could take some time to reply to me if you do see this. Thank you...
Cheers,
NY
Good to know that you are able to get help out of this post.
cn=root is the base super admin there. When you install TDS, it will ask you to provide the base DN and password. I was talking about that user. In case you can't configure super admin credentials in the portal, create a new user in LDAP and add the admin group in the ACL from the IDSWebApp Admin console.
Log into the admin console, open the "Directory Management" tab in the left navbar and then select "Manage entries". Select your RDN and then select edit ACL from the dropdown list at the top.
On the next screen, select the "OWNERS" tab.
Here you will have to add the admin group.
Then add the admin group, i.e. wpsadmins (in my case), in the filtered ACLs.