Wednesday, 3 June 2009

WebSphere Portal - Moving from Standalone LDAP to Federated Repository

One of our clients recently experienced a problem whereby they were trying, and failing, to migrate a WebSphere Portal 6.1.0.1 clustered environment from a standalone LDAP to a federated repository.

The Fed. Rep. concept was introduced quite recently, as a way of allowing a portal infrastructure to support multiple user repositories ( LDAP or Custom User Registry ). This would, for example, facilitate an intranet/extranet solution, whereby two Virtual Portals were deployed on the same physical installation of WebSphere Portal, with the Fed Rep approach being used to separate the user's into two different registries; perhaps OpenLDAP for extranet and Active Directory for intranet.

Anyway, back to the problem - the client was trying to configure WP using the ConfigEngine command line tool, using the command: -

ConfigEngine wp-modify-federated-security -DWasPassword=<password> 

which was failing with: -

Given user '<value from federated.primaryAdminId in wkplc.properties>' does not exist

The solution, as documented in this TechNote: -

PK73830: WP-MODIFY-FEDERATED-SECURITY FAILS USING CURRENT INSTRUCTIONS


was to add the switch: -

-Dskip.ldap.validation=true

to the command, giving us: -

ConfigEngine wp-modify-federated-security -DWasPassword=<password> -Dskip.ldap.validation=true

Job done !

PS As a matter of interest, I did the same thing, but used the Wizard instead of ConfigEngine, and it worked for me - although I did have to start the WebSphere_Portal instance BEFORE running the WIzard.

No comments: