Monday, March 4, 2013

LDAP Maximo 7.5

LDAP (Lightweight Directory Access Protocol) is an application-layer protocol for IP networks. It is used for accessing and maintaining distributed directory information services.
A directory service provides an organized set of records, often with a hierarchical structure, such as a corporate email directory.

We can configure Maximo authentication using WebSphere and an LDAP federated repository.
A federated repository enables the use of multiple repositories with WebSphere Application Server. These repositories, which can be file-based repositories, LDAP repositories, or a sub-tree of an LDAP repository, are defined and theoretically combined under a single realm. All of the user repositories that are configured under the federated repository functionality are transparent to WebSphere Application Server.
This capability is achieved through configuration, rather than development, with the use of the new Virtual Member Manager (VMM).

VMM provides a repository-independent programming interface, supports various pluggable repositories, and gives a single view of multiple repositories in a federated model.

Realm - A realm is defined on a web or application server. It contains a collection of users, which may or may not be assigned to a group, that are controlled by the same authentication policy.

 
The article below provides simple screenshots for configuring LDAP with Maximo, which are easier to follow than the IBM LDAP guide with its set of procedures.
https://www.ibm.com/developerworks/mydeveloperworks/blogs/a9ba1efe-b731-4317-9724-a181d6155e3a/entry/maximoldapconfiguration?lang=en

In addition to this article, you may need to take other actions to make LDAP work.
1. In WAS, under Global Security, change Available Realm Definition to Federated repositories, click Set as Current, and click Apply.
2. Set useAppServerSecurity to 1 in maximo\applications\maximo\maximouiweb\webmodule\WEB-INF\web.xml
3. Edit the file \WebSphere\AppServer\profiles\ctgDmgr01\config\cells\ctgCell01\wim\config\wimconfig.xml. Scroll down to the line <config:attributeConfiguration> and add the following line:
<config:externalIdAttributes name="distinguishedName"/>
4. Run the following query in a SQL tool:
update maxpropvalue set propvalue='1' where propname='mxe.useAppServerSecurity';
commit;
5. When you deploy the new EAR files for the UI application server in WebSphere, ensure that Map Security and User Group Mapping (on Step 14) is done during the deployment.

6. Set the correct parameters for the VMMSYNC cron task by referring to the tpaetoLDAP.pdf guide.
http://goo.gl/s6QDOO

7. Add a custom attribute from the directory to the Maximo tables
http://goo.gl/sRgAnk
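
A quick consistency check for steps 2 to 4, as an added example that is not part of the original post or of IBM's tooling: it parses web.xml and wimconfig.xml and reports which of the three settings is still missing. The env-entry layout of web.xml, the sample XML (including its namespace URI) and the function names are assumptions constructed for illustration; the database value is passed in by hand after querying maxpropvalue.

```python
import xml.etree.ElementTree as ET

def local(tag):
    """Strip an XML namespace: '{uri}name' -> 'name'."""
    return tag.rsplit('}', 1)[-1]

def web_xml_flag(web_xml_text):
    """Return the useAppServerSecurity env-entry value from web.xml, or None."""
    for entry in ET.fromstring(web_xml_text).iter():
        if local(entry.tag) != 'env-entry':
            continue
        fields = {local(c.tag): (c.text or '').strip() for c in entry}
        if fields.get('env-entry-name') == 'useAppServerSecurity':
            return fields.get('env-entry-value')
    return None

def has_dn_external_id(wim_text):
    """True if attributeConfiguration holds externalIdAttributes distinguishedName."""
    for cfg in ET.fromstring(wim_text).iter():
        if local(cfg.tag) == 'attributeConfiguration':
            if any(local(c.tag) == 'externalIdAttributes' and
                   c.get('name') == 'distinguishedName' for c in cfg):
                return True
    return False

def check(web_xml_text, wim_text, db_propvalue):
    """Return a list of problems; an empty list means steps 2-4 agree."""
    problems = []
    flag = web_xml_flag(web_xml_text)
    if flag != '1':
        problems.append(f'web.xml useAppServerSecurity is {flag!r}, expected 1')
    if str(db_propvalue).strip() != '1':
        problems.append(f'mxe.useAppServerSecurity is {db_propvalue!r}, expected 1')
    if not has_dn_external_id(wim_text):
        problems.append('wimconfig.xml lacks externalIdAttributes distinguishedName')
    return problems

# Constructed samples (not taken from a real installation); web.xml is still at 0.
SAMPLE_WEB = """<web-app><env-entry>
  <env-entry-name>useAppServerSecurity</env-entry-name>
  <env-entry-value>0</env-entry-value>
</env-entry></web-app>"""
SAMPLE_WIM = """<config:configurationProvider xmlns:config="urn:example:wim-config">
  <config:attributeConfiguration>
    <config:externalIdAttributes name="distinguishedName"/>
  </config:attributeConfiguration>
</config:configurationProvider>"""

if __name__ == '__main__':
    print(check(SAMPLE_WEB, SAMPLE_WIM, '1') or 'steps 2-4 are consistent')
```

With the constructed samples the check reports only the web.xml flag, which is the case where the database property was updated but the EAR was built from an unedited web.xml.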