Problem(Abstract)
After LDAP configuration in WebSphere, LDAP users attributes First Name and Last Name are blank in InformationServer Console..
The Below solution is only when configured LDAP with Federated Repositories. It wont work for Standalone LDAP Configurations as Per IBM Documentation.
Resolving the problem
Below are steps to get around the mapping issue by changing the VMM configuration to map the "givenName" attribute in the LDAP repositories to a "cn" attribute. This means the LDAP repositories in the federated repositories configuration will return the value for their "givenName" when a VMM query asks for the value of the "cn" attribute. The steps to make this configuration change are as follows:
Make a backup copy of file <InfoSphere profile dir>/config/cells/<cell name>/wim/config/wimconfig.xml. This is the file that will get updated with the configuration changes
cd <InfoSphere profile dir>/bin and run ./wsadmin.sh to get to the wsadmin prompt.
Run the following command for each LDAP repository identifier that was added to their federated repositories configuration, where <repository identifier> is the repository name in their federated repositories configuration:
$AdminTask addIdMgrLDAPAttr {-id "<repository identifier>" -name givenName -propertyName cn -entityTypes PersonAccount}
Run "$AdminConfig save" and then "quit" to exit the wsadmin prompt.
cd <IS install dir>/ASBServer/bin.
Run the following command to change the ISF attribute map:
./DirectoryAdmin.sh -sam -um "mail=mail,sn=lastName,cn=firstName" -gm "cn=name"
Restart WAS.
Open Information Server Console and verify if LDAP users FirstName and LastName are populated.
No comments:
Post a Comment