Wednesday, April 4, 2012

IBM Connections 3.0.1 on RHEL - how to install - 7. Connect Domino LDAP

In our infrastructure, we already have Domino server installed, so here I am going to show how to configure Federated Repository (add Domino LDAP).

What you will need:

  • You must know FQND or IP of your Domino server
  • LDAP port 389 as standard
  • If your LDAP need to authenticate to reed content, you mast know some account DN and password - this will be used as bind user to bind in to LDAP
  • You should have installed WAS (see previous posts)
  1. Show status of dmgr server 
    1. [root@ic bin]# cd /opt/IBM/WebSphere/AppServer/bin/
  2. [root@ic bin]# ./serverStatus.sh -all -user wasadmin -password Pass4conn
  3. If it is not started already, run: 
    1. [root@ic bin]# cd /opt/IBM/WebSphere/AppServer/bin/startManager.sh
  4. Backup your  wimconfig.xml file before doing any changes in the federated repository configuration
    1. [root@ic bin]# cd /opt/IBM/WebSphere/AppServer/profiles/Dmgr01/config/cells/icCell01/wim/config/
    2. [root@ic config]# cp wimconfig.xml wimconfig.xml.bak
  5. Open web browser and go to  http://<hostname>:9060/admin  
  6. Login with administrator account wasadmin and your password
    1. go to Security > Global security  and in User account repository click Configure... button
    2. In Repositories in the realm table click Add Base entry to Realm...
    3. Click Add Repository and fill
      1. Repository identifier (enter MyLDAP)
      2. Select Directory type: IBM Lotus Domino
      3. Enter Primary host name of your domino server
      4. If you need bind enter bind and password
      5. In Login properties you can add more options to login, I added email so there is uid;mail in the field
      6. Click OK  and enter in to field with label:  Specifies the Lightweight Directory Access Protocol (LDAP) distinguished name (DN) that uniquely identifies this set of entries in the realm root of your Domino LDAP ... I have o=ys,c=cz
      7. Click OK and SAVE
    4. Restart dmgr server:
      1. [root@ic bin]# /opt/IBM/WebSphere/AppServer/bin/stopManager.sh -user wasadmin -password Pass4conn
      2. [root@ic bin]# /opt/IBM/WebSphere/AppServer/bin/startManager.sh -user wasadmin -password Pass4conn
    5. Login again in to web Integrated Solutions Console
      1. Navigate in to Users and Groups > Manage Users
      2. Click on Search button. If the expected set of users is returned then LDAP is configured correctly! Make the same for groups and be sure that members of groups are correct.
    6. Setup SSO
      1. Go to Security > Global security in Authentication expand Web and SIP security and click Single sign-on (SSO)
      2. enter  .ys.cz ... so .<domain>.com  It must start with a dot and continue with domain
      3. Check  Interoperability Mode
      4. OK and SAVE
      5. Go to Security Global security and click on Enable application security 
      6. OK and SAVE
    7. Sync nodes
      1. [root@ic bin]# cd /opt/IBM/WebSphere/AppServer/profiles/AppSrv01/bin
      2. [root@ic bin]# ./syncNode.sh ic.ys.cz 8879 -username wasadmin -password <your password>
Ok now we will go to Populate Profiles from the LDAP into DB2 tables.
Posted by at
Labels: , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)