Friday, 10 March 2017

At last, LDAP Test Query feature added to WebSphere Application Server

So this is something that I've wanted FOREVER …

I don't know precisely when it appeared, but I just realised that WebSphere Application Server (WAS) Network Deployment 8.5.5.11 ( 8.5.5 Fixpack 11 ) now includes the ability to test LDAP connectivity: -


Specifically, this: -


which returns: -

whereas if, for example, I use the wrong Bind Password, I get: -


SECJ7340E: Exception raised trying to connect to LDAP serverException Name=javax.naming.AuthenticationException Reason=[LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903D0, comment: AcceptSecurityContext error, data 52e, v2580] ***** LdapSearch Input Parameters ***** hostName=windows2012.uk.ibm.com portNumber=389 sslEnabled=false baseDN=CN=Users,DC=uk,DC=ibm bindDN=CN=LDAPBindUser,CN=Users,DC=uk,DC=ibm,DC=com bindPwd=***** searchFilter=cn=BPMUser* searchLimit=20 referral=ignore searchScope=sub 

Even better, there's a Python command AdminTask.ldapSearch which makes Scripty McScriptface happy: -

print AdminTask.ldapSearch('[-hostname windows2012.uk.ibm.com -port 389 -baseDN CN=Users,DC=uk,DC=ibm,DC=com -bindDN CN=LDAPBindUser,CN=Users,DC=uk,DC=ibm,DC=com -bindPassword Qpassw0rd -sslEnabled false -referral ignore -searchFilter cn=BPMUsers -searchLimit 20 ]')

***** LdapSearch Input Parameters *****
hostName=windows2012.uk.ibm.com
portNumber=389
sslEnabled=false
baseDN=CN=Users,DC=uk,DC=ibm,DC=com
bindDN=CN=LDAPBindUser,CN=Users,DC=uk,DC=ibm,DC=com
bindPwd=*****
searchFilter=cn=BPMUsers
searchLimit=20
referral=ignore
searchScope=sub

***** LdapSearch Results *****

------ #1
cn=BPMUsers
name=BPMUsers
instanceType=4
groupType=-2147483646
objectSid=_)2R
sAMAccountType=268435456
member=CN=BPMUser2,CN=Users,DC=uk,DC=ibm,DC=com
member=CN=BPMUser1,CN=Users,DC=uk,DC=ibm,DC=com
uSNCreated=12729
uSNChanged=12752
objectClass=top
objectClass=group
distinguishedName=CN=BPMUsers,CN=Users,DC=uk,DC=ibm,DC=com
objectCategory=CN=Group,CN=Schema,CN=Configuration,DC=uk,DC=ibm,DC=com
sAMAccountName=BPMUsers
objectGUID=HLtU
whenCreated=20170310074140.0Z
whenChanged=20170310074309.0Z
dSCorePropagationData=16010101000000.0Z

which is GREAT.

Thanks IBM :-)

*UPDATE*

I've just found this: -


which says, in part: -

The fix for this APAR is currently targeted for inclusion in
fix packs 7.0.0.41, 8.0.0.12 and 8.5.5.8

so it's been there since 8.5.5.8 ;-)
at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Note to self - use kubectl to query images in a pod or deployment

In both cases, we use JSON ... For a deployment, we can do this: - kubectl get deployment foobar --namespace snafu --output jsonpath="{...