Connect OpenDJ LDAP service to Websphere federated repositories

Nice that it is possible ­čÖé

1. Add repository:

Global security > Federated repositories > Manage repositories > Add
Directory type: IBM Tivoli Directory Server
SAVE
Directory type: Custom
SAVE

2. Add base entry to realm:

Global security > Federated repositories > Add Base entry to Realm

Name: EXT
Distinguished name of a base entry that uniquely identifies this set of entries in the realm
DC=EXT
Distinguished name of a base entry in this repository
dc=ext,dc=host,dc=pl

3. If required – modify Group attribute definition to your LDAP member naming standards

4. If required – modify LDAP entity types to your LDAP ObjectClass settings, base dn and search filter

5. Restart Was Manager

6. Edit
Global security > Federated repositories > EXT > LDAP entity types

Group groupOfUniqueNames

7. Configure VMMSYNC on IBM Control Desk to fetch users/groups

8. Restart JVM-S on which login should be possible

SECJ0369E: Authentication failed when using LTPA, CWWIM4537E No principal is found

Error: CWWIM4537E No principal is found from the ‘cn=wasadmin,o=defaultWIMFileBasedRealm’
Solution: Change wasadmin principal definition in VMMSYNC Task definition.

Valid principal is: uid=wasadmin,o=defaultWIMFileBasedRealm

[6/16/16 12:04:31:441 CEST] 00000130 LTPAServerObj E SECJ0369E: Authentication failed when using LTPA. The exception is com.ibm.websphere.wim.exception.PasswordCheckFailedException: CWW4537E No principal is found from the 'cn=wasadmin,o=defaultWIMFileBasedRealm' principal name..
[6/16/16 12:04:31:443 CEST] 00000130 SystemOut O 16 Jun 2016 12:04:31:442 [ERROR] [MAXIMO1] [CID-CRON-2730] The VMMSyncCronTask action could not start. See the associated message.
psdi.security.vmm.VMMSyncException: com.ibm.websphere.security.auth.WSLoginFailedException: CWWIM4537E No principal is found from the 'cn=wasadmin,o=defaultWIMFileBasedRealm' principal n
e.
at psdi.security.vmm.VMMSynchronizer.init(VMMSynchronizer.java:226)
at psdi.security.vmm.VMMSyncTask.init(VMMSyncTask.java:203)
at psdi.security.vmm.VMMSyncCronTask.initSyncSettings(VMMSyncCronTask.java:97)
at psdi.security.vmm.VMMSyncCronTask.cronAction(VMMSyncCronTask.java:203)
at psdi.server.CronTaskManager.callCronMethod(CronTaskManager.java:2379)
(...)

Commit database configuration changes from administrative workstation

For commiting database configuration changes please run commands from shell:

sudo su -
cd /opt/IBM/SMP/maximo/tools/maximo
./configdb.sh
#./restorefrombackup.sh
./dropbackup.sh

Running first two performs the same function as choosing the Apply Configuration Changes menu option from the Database Configuration application, but requires all maximo application servers to be stopped.

Example response :

BMXAA0342I - Views are being configured. Wed Mar 04 13:39:45 CET 2015
BMXAA0344I - The attribute metadata is being refreshed. Wed Mar 04 13:39:46 CET 2015
BMXAA0343I - Object metadata is being refreshed. Wed Mar 04 13:40:25 CET 2015
BMXAA0341I - Native indexes are being rebuilt. Wed Mar 04 13:40:29 CET 2015
BMXAA0340I - Refreshing index metadata Wed Mar 04 13:40:29 CET 2015
BMXAA0339I - Updating table storage partitions Wed Mar 04 13:40:29 CET 2015
BMXAA0337I - Make sure you have created indexes for these new tables: PLUSPAGREPRICE Wed Mar 04 13:40:35 CET 2015
BMXAA0381I - There are no backup tables to restore data from. Wed Mar 04 13:40:35 CET 2015
BMXAA6820I - ConfigDB completed without errors. Wed Mar 04 13:40:35 CET 2015
BMXAA6820I - RestoreFromBackup completed without errors. Wed Mar 04 13:40:35 CET 2015
BMXAA6818I - DropBackup started for schema MAXIMO, connected to database jdbc:db2://xxxx/maxdb75 Wed Mar 04 13:44:33 CET 2015
BMXAA0380I - There are no backup tables to drop. Wed Mar 04 13:44:33 CET 2015
BMXAA6820I - DropBackup completed without errors. Wed Mar 04 13:44:33 CET 2015

Maximo Integration – Object Structure create/update

As written in previous post it is needed to create or extend Object Structure to have possibility to read, add or update record connected mboSets.

Example definition:

Object Parent Object Object Location Path Relationship
ASSET ASSET
ASSETUSERCUST ASSET ASSET/ASSETUSERCUST ASSETUSERCUST
ASSETSPEC ASSET ASSET/ASSETSPEC ASSETSPECCLASS

After create object structure You should “Generate Schema”.

Add worklog to record by REST Api

Problem:

Adding comment to to record by simply create WORKLOG mbo through the rest Api is not possible.

Such action results in Error 400: comlog#ownerNull.

Solution:

Right way to do this is adding WORKLOG from parent record, using custom object structure (which has to have relation to WORKLOG enabled).

Tasks:

1. Choose  (or create) Object Structure for Integration, which will have relation to WORKLOG object.

2. Fetch record using that object structure

3. Add workload in form of attributes list:

WORKLOG.index.DESCRIPTION

(…) where index will be number of existing comments + 1

Direct enter into Websphere Maximo application

If you using integration and passing large amount of data IHS or other proxy can by problematic as it probably could timeout your operations.

To commit this you can use strict WebSphere ports. (In default SCCD installation it will be port 9080). After knowing that port you can access directly:

http://MAXIMO_URL:9080/maximo/