Wednesday, 3 June 2009
WebSphere Portal - Moving from Standalone LDAP to Federated Repository
One of our clients recently experienced a problem whereby they were trying, and failing, to migrate a WebSphere Portal 18.104.22.168 clustered environment from a standalone LDAP to a federated repository.
The Fed. Rep. concept was introduced quite recently, as a way of allowing a portal infrastructure to support multiple user repositories ( LDAP or Custom User Registry ). This would, for example, facilitate an intranet/extranet solution, whereby two Virtual Portals were deployed on the same physical installation of WebSphere Portal, with the Fed Rep approach being used to separate the user's into two different registries; perhaps OpenLDAP for extranet and Active Directory for intranet.
Anyway, back to the problem - the client was trying to configure WP using the ConfigEngine command line tool, using the command: -
ConfigEngine wp-modify-federated-security -DWasPassword=<password>
which was failing with: -
Given user '<value from federated.primaryAdminId in wkplc.properties>' does not exist
The solution, as documented in this TechNote: -
PK73830: WP-MODIFY-FEDERATED-SECURITY FAILS USING CURRENT INSTRUCTIONS
was to add the switch: -
to the command, giving us: -
ConfigEngine wp-modify-federated-security -DWasPassword=<password> -Dskip.ldap.validation=true
Job done !
PS As a matter of interest, I did the same thing, but used the Wizard instead of ConfigEngine, and it worked for me - although I did have to start the WebSphere_Portal instance BEFORE running the WIzard.