Wednesday 7 April 2010

WAS + TDS

From TDS:
A. Install IBM TDS.
B. Install the WASembedded-IBMTDS.
C. Start the instance in services.msc.
D. Start server1 in the TDS WAS profile.
E. Go to the TDS admin console: http://localhost:12100/IDSWebApp/IDSjsp/Login.jsp?showConsoleAdminLogin=true
F. Default user: superadmin, password: secret
G. Register the LDAP instance you want (e.g. localhost 389).
H. Then you can manage this LDAP (localhost 389) by the URL
G. User: cn=... (usually root), password: .... (depends on what you put during the installation)
I. Go to server administration and add a suffix, e.g. o=nehalorg
J. Go to directory management - manage entries: add o=nehalorg (leave the parent empty). For the value you can put the same, nehalorg (so there won't be multiple values).
K. From here you can create your own LDAP structure.
L. If you want to add an object (e.g. class=person) and get "invalid dn entry", make sure that in the relative DN you didn't put just the value. Write it like this: "cn=value" (whether it is cn or o or ou or whatever; you can see it right under the field, there is one mandatory attribute, and if it is cn then you put cn).


From WAS:
A. Security -> secure admin and infra -> available realm = standalone LDAP ==> set and then configure

B. Primary admin user name =
a. either the full DN (cn=wasuserPerson,ou=brno,o=nehalorg) or
b. the value (wasuserperson)
(only after you modify the filter in the "advanced LDAP settings" to something like cn=%v; notice that %v is the value).
At this point, WAS changes the type to "custom LDAP" instead of IBM TDS (uid=%v, objectclass=ePerson).

C. Put the base DN (the point where the search starts).
D. Bind DN is not necessary; it is only for anonymous connection.
E. Restart Java.
F. If you changed the "advanced LDAP settings", then you can use the value instead of the long DN.
G. It is not case sensitive.

NOTE:
1. SECJ0369E: Authentication failed when using LTPA. The exception is javax.naming.AuthenticationNotSupportedException: [LDAP: error code 48 - Inappropriate Authentication].
==> This means you are using a user that has no password attribute (it depends on the object class).

2. LdapRegistryI E SECJ0361E: Authentication failed for wasuserinet because user is not found in the registry.
==> If you have made sure that you use the full DN and this still appears, it means you need to configure the LDAP search filter in the "advanced LDAP settings".
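
The filter behaviour from step B and the two notes above, as an added example (not from the original post and not IBM code). It is a small offline model: the directory entries, the "nopass" user and all function names are constructed for illustration, and the IBM TDS filter is written in its full form (&(uid=%v)(objectclass=ePerson)).

```python
import re

# Constructed sample entries under the page's o=nehalorg suffix (not real data).
DIRECTORY = {
    "cn=wasuserPerson,ou=brno,o=nehalorg": {
        "objectclass": ["person"], "cn": ["wasuserPerson"], "userpassword": ["{SSHA}placeholder"]},
    "cn=nopass,ou=brno,o=nehalorg": {
        "objectclass": ["organizationalRole"], "cn": ["nopass"]},
}

TDS_FILTER = "(&(uid=%v)(objectclass=ePerson))"  # IBM TDS type filter named on the page
CUSTOM_FILTER = "(cn=%v)"                        # the page's custom filter

def escape_value(value):
    """Escape RFC 4515 special characters so the login stays a literal value."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\0" else c for c in value)

def expand(template, login):
    """Substitute the login name for %v, as the page describes."""
    return template.replace("%v", escape_value(login))

def _unescape(value):
    return re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), value)

def matches(ldap_filter, attrs):
    """Evaluate equality terms only: a single (a=v) or an AND of them."""
    terms = re.findall(r"\(([^=()&|!]+)=([^()]*)\)", ldap_filter)
    return bool(terms) and all(
        _unescape(v).lower() in [x.lower() for x in attrs.get(a.lower(), [])]
        for a, v in terms)

def find_user(template, login):
    f = expand(template, login)
    return [dn for dn, attrs in DIRECTORY.items() if matches(f, attrs)]

def diagnose(template, login):
    """Map the outcome to the two errors in the page's NOTE section."""
    found = find_user(template, login)
    if not found:
        return "SECJ0361E: user is not found in the registry"
    if "userpassword" not in DIRECTORY[found[0]]:
        return "LDAP error 48: entry has no password attribute"
    return "ok: " + found[0]

if __name__ == "__main__":
    for tmpl in (TDS_FILTER, CUSTOM_FILTER):
        for login in ("WASUSERPERSON", "nopass"):
            print(tmpl, login, "->", diagnose(tmpl, login))
```

With the IBM TDS filter the person entry is never found because it has no uid and is not an ePerson; with cn=%v it is found regardless of case, and the entry without a password attribute fails at bind time instead.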
