Thursday, 20 April 2017

IBM Operational Decision Manager - Adding a LDAP server via the Decision Center Business Console

This has been on my To-Do list for some time.

One of my colleagues was looking to configure connectivity between the IBM ODM Decision Center Business Console and an LDAP server.

He, like me, is using ODM Advanced 8.8.1.

I'd previously installed and configured this version on WebSphere Application Server (WAS) Network Deployment 8.5.5.

This is what I have installed: -

/opt/ibm/InstallationManager/eclipse/tools/imcl listInstalledPackages

com.ibm.cic.agent_1.8.6000.20161118_1611
com.ibm.websphere.IBMJAVA.v71_7.1.3040.20160720_1746
com.ibm.websphere.ND.v85_8.5.5010.20160721_0036
com.ibm.websphere.IHS.v85_8.5.5010.20160721_0036
com.ibm.websphere.PLG.v85_8.5.5010.20160721_0036
com.ibm.websphere.odm.dc.v88_8.8.1001.20160912_1319
com.ibm.websphere.odm.ds.rules.v88_8.8.1001.20160912_1339
com.ibm.websphere.odm.pt.dc.v88_8.8.1001.20160912_1435
com.ibm.websphere.odm.pt.rules.v88_8.8.1001.20160912_1441

/opt/ibm/InstallationManager/eclipse/tools/imcl listInstalledPackages -features

com.ibm.cic.agent_1.8.6000.20161118_1611 : 
com.ibm.websphere.IBMJAVA.v71_7.1.3040.20160720_1746 : 
com.ibm.websphere.ND.v85_8.5.5010.20160721_0036 : com.ibm.sdk.6_64bit,ejbdeploy,embeddablecontainer,thinclient
com.ibm.websphere.IHS.v85_8.5.5010.20160721_0036 : arch.64bit
com.ibm.websphere.PLG.v85_8.5.5010.20160721_0036 : com.ibm.jre.6_64bit
com.ibm.websphere.odm.dc.v88_8.8.1001.20160912_1319 : Documentation,com.ibm.wdc.rules.samples.feature
com.ibm.websphere.odm.ds.rules.v88_8.8.1001.20160912_1339 : com.ibm.wds.rules.res.feature,com.ibm.wds.rules.samples.feature,com.ibm.wds.rules.studio.feature,com.ibm.wds.updatesites.feature
com.ibm.websphere.odm.pt.dc.v88_8.8.1001.20160912_1435 : 
com.ibm.websphere.odm.pt.rules.v88_8.8.1001.20160912_1441 : 

My LDAP is a VM running Windows Server 2012, which is configured as an Active Directory server ( plus the usual DNS, Kerberos services etc. ).

Having checked that I can bind to AD via LDAP, from the command-line: -

ldapsearch -x -h windows2012.uk.ibm.com -p 389 -D CN=LDAPBindUser,CN=Users,DC=uk,DC=ibm,DC=com -w Qpassw0rd -b CN=Users,DC=uk,DC=ibm,DC=com CN=BPMUser1 memberOf

# BPMUser1, Users, uk.ibm.com
dn: CN=BPMUser1,CN=Users,DC=uk,DC=ibm,DC=com
memberOf: CN=BPMUsers,CN=Users,DC=uk,DC=ibm,DC=com

...

ldapsearch -x -h windows2012.uk.ibm.com -p 389 -D CN=LDAPBindUser,CN=Users,DC=uk,DC=ibm,DC=com -w Qpassw0rd -b CN=Users,DC=uk,DC=ibm,DC=com sAMAccountName=bpmuser1

# BPMUser1, Users, uk.ibm.com
dn: CN=BPMUser1,CN=Users,DC=uk,DC=ibm,DC=com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
cn: BPMUser1

...

I then logged into the Business Console : -


includes an Administration tab: -


Using the + icon to create a new connection: -


Having created the connection, I was then able to import Groups: -



and Users: -



I can/will tinker further, but this is a good starter for 10.

For the record, I did see this early on: -

[20/04/17 16:40:28:822 BST] 000000c3 LDAPManagemen I   Cannot parse url: windows2012.uk.ibm.com
                                 javax.naming.NamingException: Cannot parse url: windows2012.uk.ibm.com [Root exception is java.net.MalformedURLException: Invalid URI: windows2012.uk.ibm.com]
at com.sun.jndi.ldap.LdapURL.<init>(LdapURL.java:109)

Caused by: java.net.MalformedURLException: Invalid URI: windows2012.uk.ibm.com

because I got the LDAP URL wrong. I had: -

windows2012.uk.ibm.com

rather than this: -

Thanks to this: -
Lovely stuff

No comments: