Thursday, 20 April 2017

IBM Operational Decision Manager - Adding a LDAP server via the Decision Center Business Console

This has been on my To-Do list for some time.

One of my colleagues was looking to configure connectivity between the IBM ODM Decision Center Business Console and an LDAP server.

He, like me, is using ODM Advanced 8.8.1.

I'd previously installed and configured this version on WebSphere Application Server (WAS) Network Deployment 8.5.5.

This is what I have installed: -

/opt/ibm/InstallationManager/eclipse/tools/imcl listInstalledPackages

/opt/ibm/InstallationManager/eclipse/tools/imcl listInstalledPackages -features : : :,ejbdeploy,embeddablecontainer,thinclient : arch.64bit : : Documentation, :,,, : : 

My LDAP is a VM running Windows Server 2012, which is configured as an Active Directory server ( plus the usual DNS, Kerberos services etc. ).

Having checked that I can bind to AD via LDAP, from the command-line: -

ldapsearch -x -h -p 389 -D CN=LDAPBindUser,CN=Users,DC=uk,DC=ibm,DC=com -w Qpassw0rd -b CN=Users,DC=uk,DC=ibm,DC=com CN=BPMUser1 memberOf

# BPMUser1, Users,
dn: CN=BPMUser1,CN=Users,DC=uk,DC=ibm,DC=com
memberOf: CN=BPMUsers,CN=Users,DC=uk,DC=ibm,DC=com


ldapsearch -x -h -p 389 -D CN=LDAPBindUser,CN=Users,DC=uk,DC=ibm,DC=com -w Qpassw0rd -b CN=Users,DC=uk,DC=ibm,DC=com sAMAccountName=bpmuser1

# BPMUser1, Users,
dn: CN=BPMUser1,CN=Users,DC=uk,DC=ibm,DC=com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
cn: BPMUser1


I then logged into the Business Console : -

includes an Administration tab: -

Using the + icon to create a new connection: -

Having created the connection, I was then able to import Groups: -

and Users: -

I can/will tinker further, but this is a good starter for 10.

For the record, I did see this early on: -

[20/04/17 16:40:28:822 BST] 000000c3 LDAPManagemen I   Cannot parse url:
                                 javax.naming.NamingException: Cannot parse url: [Root exception is Invalid URI:]
at com.sun.jndi.ldap.LdapURL.<init>(

Caused by: Invalid URI:

because I got the LDAP URL wrong. I had: -

rather than this: -

Thanks to this: -
Lovely stuff

No comments: