Has anyone gotten WAS 5 on z/Linux to authenticate against the IBM LDAP with
the RACF back-end?

It is premature for us to go to native authentication on z/Linux, so having
WebSphere on z/Linux use the local OS for authentication is not practical.

We are attempting to configure WAS on z/Linux to talk to the IBM directory
server on z/OS, but it is being reluctant. Ergo, there is something I do
not understand.

So, we have an ID set up to access facility class irr.listuser. Let's call
that ID FRED for the sake of the argument. This has a non-expiring
password.

Security says the ID and password are stored in RACF upper case.

WAS asks for the following. Where I have a valid value I will supply what
we used.

Server User ID                FRED

Server User Password          {Fred's password}

Host                    Hawk  <---------------letting DNS handle this part.

Port                    389

Base Distinguished Name (DN)
racfid=FRED,profiletype=user,ou=racf,o=co.hennepin.mn,c=us

Bind Distinguished Name (DN)
racfid=FRED,profiletype=user,ou=racf,o=co.hennepin.mn,c=us

Bind Password                 {Fred's password}

Search Timeout                120

reuse connection Y      Ignore case Y     SSL Enabled Y

and default settings for SSL configuration




When attempting to turn this on, we get this:

Feb 10, 2004 2:23:33 PM CST  com.ibm.ws.console.security.SecurityValidation
    security.validation.exception

Feb 10, 2004 2:23:33 PM CST  com.ibm.ws.console.security.ConnectToRuntime
    security.ctr.ckpwd.exception

Feb 10, 2004 2:23:33 PM CST  com.ibm.ws.security.core.SecurityAdmin
    SECJ0297E: Error checking password for user :FRED

Feb 10, 2004 2:23:33 PM CST  com.ibm.ws.security.registry.ldap.LdapRegistryImpl
    SECJ0336E: Authentication failed for user FRED

Feb 10, 2004 2:23:33 PM CST  com.ibm.ws.security.registry.ldap.LdapRegistryImpl
    SECJ0352E: Could not get the users matching the pa


I don't really see any good documentation that covers this particular
issue. Has anyone done this?

According to our security people
