× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. April 2007

Re: EIM / LDAP

You shouldn't have to configure LDAP before using the Wizard to create an
EIM domain.

If you don't know the administrator ID and/or password, use iSeries
Navigator, Network, Servers, TCP/IP. Scroll to the bottom of the list and
you'll find IBM Directory Server. Double-click it. (Make sure you
connect to the system as QSECOFR).

You'll see a multi-panel window. On the General panel in the middle of the
page is "Administrator information". You can change the administrator ID
(make sure whatever you change it to starts with "cn=" followed by
whatever name you want). Press the "Password..." button and you can set
the password to whatever you want.

Now use the userID and password you just set as the administrator ID and
password in the EIM configuration wizard.

NOTE: Most customers haven't used LDAP before configuring an EIM domain.
Therefore, the only LDAP userID available for configuration is the
cn=Administrator ID. Once you have EIM configured, the best practice, is
to create an LDAP userID (creating it in the EIM domain is fine, and it
gets replicated if you replicate the EIM domain to another system...of
course, the LDAP DN you need to specify is a lot more characters to type).
After creating, right click on the EIM domain name and select "Access
Control..." Give this userID EIM administrator authority. Then use this
userID for the one the system uses when it needs to do an EIM lookup.




Patrick Botz


Security Architecture Consulting & Implementation

IBM Systems and Technology Group Lab Services

mail: botz@xxxxxxxxxx

phone: 507.253.0917 / mobile: 507.250.5644



ibm.com/servers/eserver/services



midrange-l-bounces@xxxxxxxxxxxx wrote on 04/20/2007 10:12:19 AM:

When you try to connect as QSECOFR are you select iseries user id or is
it
still looking for a ldap id?

Rob Berendt
--
Group Dekko Services, LLC
Dept 01.073
PO Box 2000
Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com

ALopez@xxxxxxxxxx
Sent by: midrange-l-bounces+rob=dekko.com@xxxxxxxxxxxx
04/20/2007 10:41 AM
Please respond to
Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx>


To
midrange-l@xxxxxxxxxxxx
cc

Fax to

Subject
EIM / LDAP

Page 18 of the "Windows-based Single Signon and the EIM Framework" says:

"If an LDAP server has not been previously configured, the EIM wizard
creates a basic configuration on your iSeries for you."

When I get to chapter six, the instructions seem to assume that LDAP is
already configured and that I know the password for its administrator.
The

EIM configuration wizard gives me a couple of options for connecting to
the LDAP as either the LDAP administrator, with an iSeries profile, etc.

Nothing, including QSECOFR, seems to work here.

Am I right in assuming that I must get LDAP up and running myself, and
the

EIM wizard will create a basic [EIM] configuration on my already
existing
LDAP? I would have thought from the description above that it would
create the LDAP itself, load the bare minimum needed for EIM and I could

go from there.

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.