Unable to create new user in portal 6.1 after enaling security withTDS 6.1 - Websphere

This is a discussion on Unable to create new user in portal 6.1 after enaling security withTDS 6.1 - Websphere ; I have configured portal 6.1 with TDS 6.1 and it got successfully configured .I got the message task completed successfully. But the problem is that I am not able to create any user even though i am administrator. I am ...

+ Reply to Thread
Results 1 to 11 of 11

Thread: Unable to create new user in portal 6.1 after enaling security withTDS 6.1

  1. Unable to create new user in portal 6.1 after enaling security withTDS 6.1

    I have configured portal 6.1 with TDS 6.1 and it got successfully configured .I got the message task completed successfully.


    But the problem is that I am not able to create any user even though i am administrator.

    I am also not able to sign up .Only those users which exist in the ldap only those users can login into the portal .

    In short *i am unbale to vreate any New user in the portal but able to login with the existing user.*



    EJPSG0015E: Data Backend Problem com.ibm.websphere.wim.exception.WIMSystemException : CWWIM4520E The 'javax.naming.NoPermissionException: [LDAP: error code 50 - Insufficient Access Rights]; remaining name 'uid=pranav,cn=users,dc=yourco,dc=com'; resolved object com.sun.jndi.ldap.LdapCtx@5b945b94' naming exception occurred during processing

    Please help me .


    Thanks

    Regards..

    Pranav

  2. Re: Unable to create new user in portal 6.1 after enaling securitywith TDS 6.1

    I have configured portal 6.1 with TDS 6.1 and it got successfully configured .I got the message task completed successfully.

    But the problem is that I am not able to create any user even though i am administrator.

    I am also not able to sign up .Only those users which exist in the ldap only those users can login into the portal .

    In short *i am unbale to create any New user in the portal but able to login with the existing user.*


    EJPSG0015E: Data Backend Problem com.ibm.websphere.wim.exception.WIMSystemException : CWWIM4520E The 'javax.naming.NoPermissionException: LDAP: error code 50 - Insufficient Access Rights; remaining name 'uid=pranav,cn=users,dc=yourco,dc=com'; resolved object com.sun.jndi.ldap.LdapCtx@5b945b94' naming exception occurred during processing

    Please help me .

    Thanks

    Regards..

    Pranav

  3. Re: Unable to create new user in portal 6.1 after enaling securitywith TDS 6.1

    It sounds like the bind DN for this LDAP defined in VMM is not granted the right to create users in the LDAP. Check with your LDAP administrator. You can check the bind DN in wimconfig.xml:

    config:repositories xsi:type="config:LdapRepositoryType" ...
    ...
    config:ldapServerConfiguration ...
    ...
    config:ldapServers ... bindDN="cn=root" ...
    ...

    ...



  4. Re: Unable to create new user in portal 6.1 after enaling securitywith TDS 6.1

    Ask your LDAP administrator if this:

    bindDN="uid=wpsadmin,cn=users,dc=yourco,dc=com"

    is really the distinguished name (DN) Portal should use to bind to LDAP when creating users (if you cut-and-pasted this verbatim, I doubt that your LDAP contains "dc=yourco,dc=com"). If the DN is correct, ask the LDAP administrator to make sure it has the right permissions for creating users.

    You won't be able to verify the password by looking directly at wimconfig.xml. You would have to verify that through wkplc.properties (assuming you haven't deleted the clear-text password from that file already). So, check the DN & permissions first. Then if you have to verify the password, do so with wkplc.properties & the appropriate ConfigEngine task. This doesn't look like a password-related error though.

  5. Re: Unable to create new user in portal 6.1 after enaling securitywith TDS 6.1

    Actually in TDS 6.1 you need to ADD the admin group in ACL from IDSWebApp Admin console.This solved the problem.

  6. Re: Unable to create new user in portal 6.1 after enaling securitywith TDS 6.1

    I have a the same problem. Could please share a more detailed description of your solution above? Thanks.

  7. Re: Unable to create new user in portal 6.1 after enaling securitywith TDS 6.1

    Log into the admin console, open the "Directory Management" tab in the left navbar and then select "Manage entries". Select your RDN and then select edit ACL from the dropdown list at the top.

    On the next screen, select the "OWNERS TAB "

    Here you will have to add the admin group.

    Then add the admin group i.e wpsadmins(in my case ) in the filtered ACL's .

    Test it and let me know whether it works or not.

    Thanks

    Pranav

  8. Re: Unable to create new user in portal 6.1 after enaling securitywith TDS 6.1

    Users and Groups but it still fails for me...

    EJPSG0015E: Data Backend Problem com.ibm.websphere.wim.exception.WIMSystemException : CWWIM4520E The 'javax.naming.NoPermissionException: [LDAP: error code 50 - Insufficient Access Rights]; remaining name 'uid=daangus,cn=users,dc=acllc,dc=com'; resolved object com.sun.jndi.ldap.LdapCtx@2aaa2aaa' naming exception occurred during processing.
    com.ibm.wps.util.DataBackendException: EJPSG0015E: Data Backend Problem com.ibm.websphere.wim.exception.WIMSystemException : CWWIM4520E The 'javax.naming.NoPermissionException: [LDAP: error code 50 - Insufficient Access Rights]; remaining name 'uid=daangus,cn=users,dc=acllc,dc=com'; resolved object com.sun.jndi.ldap.LdapCtx@2aaa2aaa' naming exception occurred during processing.
    EJPSG0015E: Data Backend Problem com.ibm.websphere.wim.exception.WIMSystemException : CWWIM4520E The 'javax.naming.NoPermissionException: [LDAP: error code 50 - Insufficient Access Rights]; remaining name 'uid=daangus,cn=users,dc=acllc,dc=com'; resolved object com.sun.jndi.ldap.LdapCtx@2aaa2aaa' naming exception occurred during processing.
    CWWIM4520E The 'javax.naming.NoPermissionException: [LDAP: error code 50 - Insufficient Access Rights]; remaining name 'uid=daangus,cn=users,dc=acllc,dc=com'; resolved object com.sun.jndi.ldap.LdapCtx@2aaa2aaa' naming exception occurred during processing.

  9. Re: Unable to create new user in portal 6.1 after enaling securitywith TDS 6.1

    In filtered ACL . Select True and add the admins group in this as well.

    For checking- Go to effective ACL's and then click on load .
    If you are able to get the admins group when you click load then i think it should work .

    Thanks

    Pranav

  10. Re: Unable to create new user in portal 6.1 after enaling securitywith TDS 6.1

    Hey, is it possible to grant read/write access to only few attributes to the bindDN account instead "Grant All" permissions?

    Requirement - Users wont be signed up using portal but they should have the capabilities to modify preferred language and password through the portal. And not giving "Grant all" permissions to the bindDN ldap account.

    I tired granting attribute wise permissions to the bind user. But its not working. Is there way to go about achieving my requirement

    Thanks,
    Shyam

  11. Re: Unable to create new user in portal 6.1 after enaling securitywith TDS

    I believe ITDS support granular ACL settings down to attribute level, but this is more like a question to the LDAP support folks.

    -FF

    The postings on this site are my own and do not necessarily represent the positions, strategies or opinions of IBM.

+ Reply to Thread