Configuring and Integrating the Standalone Tivoli Directory Server with Websphere Portal : wp7

Step 1: Configuring the Tivoli Directory Server

a). Adding Suffixes
Go to Tivoli Web Admin Console --> ServerAdministration --> Manage Server Properties--> Suffixes --> Enter the Base DN name for the suffix (Like dc=yourcompany,dc=com)--> click add
Stop and Start the LDAP server from LDAP admin console
b). Importing the portaluser.ldif
copy the portalusers.ldif file , and change the dc=yourcompany,dc=com with your sepecific details.
stop the ldap server , go to LDAP admin console-->manage-->LDIF Tasks-->import LDIF data-->browse for the portalusers.ldif

LDAP suffix="dc=yourco,dc=com"
user prefix="uid"
user suffix="cn=users"
group prefix="cn"
group suffix="cn=groups"
Portal administrator DN ="uid=wpsadmin,cn=users, dc=yourco,dc=com"
Portal administrator group ="cn=wpsadmins,cn=groups, dc=yourco,dc=com"


Step 2: Integrating the Tivoli Directory Server with Portal (replacing the default filebasedrepository to TDS)

a). Update C:\IBM\WebSphere\wp_profile\ConfigEngine\config\helpers\wp_security_ids.properties file with corresponding values like below (Instead of modifying the wkplc.properties file, you can update this properties file)

standalone.ldap.id=localtds
standalone.ldap.host=sivavaka.com
standalone.ldap.port=389
standalone.ldap.bindDN=cn=root
standalone.ldap.bindPassword=ldappwd
standalone.ldap.ldapServerType=IDS
standalone.ldap.userIdMap=*:uid
standalone.ldap.groupIdMap=*:cn
standalone.ldap.groupMemberIdMap=
standalone.ldap.userFilter=(&(uid=%v)(objectclass=inetOrgPerson))
standalone.ldap.groupFilter=(&(cn=%v)(objectclass=groupOfUniqueNames))
standalone.ldap.serverId=uid=root,cn=users,dc=sivavaka,dc=com
standalone.ldap.serverPassword=Passw0rd

standalone.ldap.realm=sivavaka_portal
standalone.ldap.primaryAdminId=uid=wpsadmin,cn=users,dc=sivavaka,dc=com
standalone.ldap.primaryAdminPassword=wpsadminpwd
standalone.ldap.primaryPortalAdminId=uid=wpsadmin,cn=users,dc=sivavaka,dc=com
standalone.ldap.primaryPortalAdminPassword=wpsadminpwd
standalone.ldap.primaryPortalAdminGroup=cn=wpsadmins,cn=groups,dc=sivavaka,dc=com
standalone.ldap.baseDN=dc=sivavaka,dc=com

standalone.ldap.et.group.searchFilter=
standalone.ldap.et.group.objectClasses=groupOfUniqueNames
standalone.ldap.et.group.objectClassesForCreate=
standalone.ldap.et.group.searchBases=
standalone.ldap.et.personaccount.searchFilter=
standalone.ldap.et.personaccount.objectClasses=inetOrgPerson
standalone.ldap.et.personaccount.objectClassesForCreate=
standalone.ldap.et.personaccount.searchBases=

standalone.ldap.gm.groupMemberName=uniqueMember
standalone.ldap.gm.objectClass=groupOfUniqueNames
standalone.ldap.gm.scope=direct
standalone.ldap.gm.dummyMember=uid=dummy


standalone.ldap.personAccountParent=cn=users,dc=sivavaka,dc=com
standalone.ldap.groupParent=cn=groups,dc=sivavaka,dc=com
standalone.ldap.personAccountRdnProperties=uid
standalone.ldap.groupRdnProperties=cn

standalone.ldap.gc.name=
standalone.ldap.gc.updateGroupMembership=
standalone.ldap.gc.scope=direct
standalone.ldap.derefAliases=always
standalone.ldap.authentication=simple

standalone.ldap.referral=ignore
standalone.ldap.delimiter=/
standalone.ldap.ignoreCase=true

standalone.ldap.sslEnabled=false
standalone.ldap.sslConfiguration=
standalone.ldap.certificateMapMode=EXACT_DN
standalone.ldap.certificateFilter=
standalone.ldap.reuseConnection=true
standalone.ldap.searchTimeLimit=120000
standalone.ldap.connectionPool=false
standalone.ldap.supportSorting=false
standalone.ldap.supportPaging=false
standalone.ldap.supportTransactions=false
standalone.ldap.isExtIdUnique=true
standalone.ldap.supportExternalName=false
standalone.ldap.translateRDN=false
standalone.ldap.searchCountLimit=500
standalone.ldap.searchPageSize=
standalone.ldap.returnToPrimaryServer=
standalone.ldap.primaryServerQueryTimeInterval=
standalone.ldap.loginProperties=uid
standalone.ldap.cp.maxPoolSize=20

b). Execute the following commands to validate and update

#Validates the updated properties
ConfigEngine.bat validate-standalone-ldap -DWasPassword=wpsadmin -DparentProperties=C:\IBM\WebSphere\wp_profile\ConfigEngine\config\helpers\wp_security_ids.properties

#Below command will change the portal filebased repository toTDS
ConfigEngine.bat wp-modify-ldap-security -DWasPassword=wpsadmin -DparentProperties=C:\IBM\WebSphere\wp_profile\ConfigEngine\config\helpers\wp_security_ids.properties

Note: If any problems while executing the above commands,
a) make sure above properties proper (like LDAP admin ID(bindDN), PWD).
b) check the C:\IBM\WebSphere\wp_profile\ConfigEngine\properties\wkplc.properties and file and make sure Stand alone LDAP properties are valid and same as entered above

Once the above commands executed successfully, restart the portal and application server if its already started.

Resolving the "myportal" and "portal" issues

Following are the steps to handle the "myportal" and "portal" in WCM generated links using tags like above

1. Go to \wp_profile\PortalServer\config
2. Open ConfigService.properties using text editing tool.
3. Uncomment this property :uri.home.substitution and set it to true (initially it is commented.)
uri.home.substitution = true
4. Open CMD goto \wp_profile\ConfigEngine
5. Type ConfigEngine.bat update-properties
6. Restart your portal server for your changes to effect.

This property automatically handles this portal myportal issue. i.e if user is logged it will be myportal, if logged out then portal.

Check out this link for more information on this:
http://publib.boulder.ibm.com/infocenter/wpdoc/v6r1m0/index.jsp?topic=/com.ibm.wp.ent.doc_v6101/admin/srvcfgref.html

Yours in WebSphere

Jerome Slinger

Steps for migrating WCM data from 6.0 to 6.1

With Migration fever continuing I thought I would also add a 6.0 to 6.1 Migration comment.

Let me know if this seems unclear.


To migrate from IBM WebSphere Portal V6.0 or later, you must connect to a copy of the earlier portal's JCR database domain before running the migration tasks.

Important: If the new portal installation uses the same DBMS as the earlier portal, you must use the same database driver to connect to the copy of the earlier portal's JCR database domain. For example, if you configured the new portal's release domain to use DB2 with a DB2 Type 4 driver, and the earlier portal's JCR database domain also uses DB2, you must use a DB2 Type 4 driver to connect to the copy of the earlier portal's JCR database domain. If the new portal uses Oracle for the release domain and the earlier portal's JCR database domain uses a different DBMS such as DB2, you do not need to use the same database driver to connect to the copy of the earlier portal's JCR domain.

Follow these steps for migrating data

Create a separate copy of the earlier WebSphere Portal JCR domain.

On the new portal, locate and update the properties files listed below to reflect a connection to the JCR domain copy that you created in the previous step:
* wp_profile_root/ConfigEngine/properties/wkplc.properties
* wp_profile_root/ConfigEngine/properties/wkplc_comp.properties
* wp_profile_root/ConfigEngine/properties/wkplc_dbtype.properties
Note: The value of the parameter jcr.DbSchema in the wkplc_comp.properties file must be specified in uppercase (for example, jcr.DbSchema=JCR).

Change to the wp_profile_root/ConfigEngine directory, and then enter the following commands to validate the configuration properties:

ConfigEngine.bat validate-database-driver -DTransferDomainList=jcr
ConfigEngine.bat validate-database-connection -DTransferDomainList=jcr

Stop the WebSphere_Portal server.

Connect WebSphere Portal Version 6.1 to the copy of the earlier JCR domain:
ConfigEngine.bat connect-database-jcr-migration
Note: The portal-post-upgrade task uses database catalog functions during execution. These catalog functions need to be correctly bound to the database for the portal-post-upgrade task to work. Refer to the documentation for your DBMS to determine how to do this.

If you used IBM Lotus Web Content Management in the earlier portal, delete any V6.0.1.x syndicators or subscribers that were copied with the JCR database domain. See Setting up a syndication relationship.

If you are migrating Web Content Management you must also run the following task:
ConfigEngine.bat create-wcm-persistence-tables

Verify that the new portal server starts.