Connect OpenDJ LDAP service to Websphere federated repositories

Nice that it is possible 🙂

1. Add repository:

Global security > Federated repositories > Manage repositories > Add
Directory type: IBM Tivoli Directory Server
SAVE
Directory type: Custom
SAVE

2. Add base entry to realm:

Global security > Federated repositories > Add Base entry to Realm

Name: EXT
Distinguished name of a base entry that uniquely identifies this set of entries in the realm
DC=EXT
Distinguished name of a base entry in this repository
dc=ext,dc=host,dc=pl

3. If required – modify Group attribute definition to your LDAP member naming standards

4. If required – modify LDAP entity types to your LDAP ObjectClass settings, base dn and search filter

5. Restart Was Manager

6. Edit
Global security > Federated repositories > EXT > LDAP entity types

Group groupOfUniqueNames

7. Configure VMMSYNC on IBM Control Desk to fetch users/groups

8. Restart JVM-S on which login should be possible

SECJ0369E: Authentication failed when using LTPA, CWWIM4537E No principal is found

Error: CWWIM4537E No principal is found from the ‘cn=wasadmin,o=defaultWIMFileBasedRealm’
Solution: Change wasadmin principal definition in VMMSYNC Task definition.

Valid principal is: uid=wasadmin,o=defaultWIMFileBasedRealm

[6/16/16 12:04:31:441 CEST] 00000130 LTPAServerObj E SECJ0369E: Authentication failed when using LTPA. The exception is com.ibm.websphere.wim.exception.PasswordCheckFailedException: CWW4537E No principal is found from the 'cn=wasadmin,o=defaultWIMFileBasedRealm' principal name..
[6/16/16 12:04:31:443 CEST] 00000130 SystemOut O 16 Jun 2016 12:04:31:442 [ERROR] [MAXIMO1] [CID-CRON-2730] The VMMSyncCronTask action could not start. See the associated message.
psdi.security.vmm.VMMSyncException: com.ibm.websphere.security.auth.WSLoginFailedException: CWWIM4537E No principal is found from the 'cn=wasadmin,o=defaultWIMFileBasedRealm' principal n
e.
at psdi.security.vmm.VMMSynchronizer.init(VMMSynchronizer.java:226)
at psdi.security.vmm.VMMSyncTask.init(VMMSyncTask.java:203)
at psdi.security.vmm.VMMSyncCronTask.initSyncSettings(VMMSyncCronTask.java:97)
at psdi.security.vmm.VMMSyncCronTask.cronAction(VMMSyncCronTask.java:203)
at psdi.server.CronTaskManager.callCronMethod(CronTaskManager.java:2379)
(...)

Maximo Integration – Object Structure create/update

As written in previous post it is needed to create or extend Object Structure to have possibility to read, add or update record connected mboSets.

Example definition:

Object Parent Object Object Location Path Relationship
ASSET ASSET
ASSETUSERCUST ASSET ASSET/ASSETUSERCUST ASSETUSERCUST
ASSETSPEC ASSET ASSET/ASSETSPEC ASSETSPECCLASS

After create object structure You should “Generate Schema”.

Add worklog to record by REST Api

Problem:

Adding comment to to record by simply create WORKLOG mbo through the rest Api is not possible.

Such action results in Error 400: comlog#ownerNull.

Solution:

Right way to do this is adding WORKLOG from parent record, using custom object structure (which has to have relation to WORKLOG enabled).

Tasks:

1. Choose  (or create) Object Structure for Integration, which will have relation to WORKLOG object.

2. Fetch record using that object structure

3. Add workload in form of attributes list:

WORKLOG.index.DESCRIPTION

(…) where index will be number of existing comments + 1