Puma.Store does not configure the PUMA layer? - Websphere

This is a discussion on Puma.Store does not configure the PUMA layer? - Websphere ; Please confirm ... On the infocenter page that discusses the "Puma Store Service" http://publib.boulder.ibm.com/infoce...srvcfgref.html , the first paragraph says: The following sections list and describe the configuration services for Puma But then the following paragraph says: The Puma Store Service ...

+ Reply to Thread
Results 1 to 10 of 10

Thread: Puma.Store does not configure the PUMA layer?

  1. Puma.Store does not configure the PUMA layer?

    Please confirm ...

    On the infocenter page that discusses the "Puma Store Service" http://publib.boulder.ibm.com/infoce...srvcfgref.html, the first paragraph says:

    The following sections list and describe the configuration services for Puma

    But then the following paragraph says:
    The Puma Store Service contains the configuration settings for Portal User Management.

    Ou hope was that this was truly a configuration setting for the PUMA layer. Since my application uses PUMA api calls, I was hoping that PUMA would generate the CN per the config setting. But it seems that really this is a "User management portlet" config setting? Our experiments showed that creating users from the User Management portlet would generate the appropriate CN ... but users created by our app would not generate a CN (unless we did it our app).

  2. Re: Puma.Store does not configure the PUMA layer?

    What LDAP is configured? What is the user DN you would like to create? What do you have in WP PumaStoreService? What is defined in wimconfig.xml? Any error messages?

    -FF

    The postings on this site are my own and do not necessarily represent the positions, strategies or opinions of IBM.

  3. Re: Puma.Store does not configure the PUMA layer?

    Thanks for responding. Here are the answers to your questions ...

    What LDAP is configured?
    Domino65

    What is the user DN you would like to create?
    CN=firstname lastname,O=ibm

    What do you have in WP PumaStoreService?
    This is the list of all "custom properties" on the server. We added the last 4 items in the list; the first 2 items were already present.

    store.puma_default.user.add.required.attributes .... sn
    store.puma_default.user.nonsupported.attributes ... certificate,identifier
    store.puma_default.puma.commonname.parts ... 2
    store.puma_default.puma.commonname.0 ... sn
    store.puma_default.puma.commonname.1 ... givenname
    store.puma_default.puma.commonname ... {0} {1}

    What is defined in wimconfig.xml?
    File attached (portal 6.1.0.2).

    Any error messages?
    "EJPSG0048E: When creating a new user, the rdn attribute cn must be set."

    Our code does not include cn in the list of attributes given to puma (to create the user). From the infocenter, it was a little confusing, but we had some hope that PUMA would generate the cn for us, if properly configured.

  4. Re: Puma.Store does not configure the PUMA layer?

    Is "store.puma_default.user.fbadefault.filter" set to CN?

    If the user can be correctly created in Portal GUI, it usually means the Portal configuration is correct. I would suggest someone to look into your custom code.

    -FF

    The postings on this site are my own and do not necessarily represent the positions, strategies or opinions of IBM.

  5. Re: Puma.Store does not configure the PUMA layer?

    No ... store.puma_default.user.fbadefault.filter is not set (only the 6 items listed above).

    Yes, when the user is created from portal admin portlet, the cn attribute is generated correctly (as configured by the store parameters above), and no problem creating the user.

    In our code, if we include cn attribute when creating the user, no problem creating the user, and cn attribute will be whatever we specify (not what is specified in the store.puma_default.

    But if we don't include cn when creating the user (same puma config) we get the message above.

    So it seems to us these config parameters do not affect puma, but only are used by portal admin portlets?

  6. Re: Puma.Store does not configure the PUMA layer?

    The parameter should be set by default. Please try adding it and also the one for Group.
    name: store.puma_default.user.fbadefault.filter
    value: cn

    name: store.puma_default.group.fbadefault.filter
    value: cn

    -FF

    The postings on this site are my own and do not necessarily represent the positions, strategies or opinions of IBM.

  7. Re: Puma.Store does not configure the PUMA layer?

    Progress! Many thanks.

    I also want to see if this works for another configuration ... where RDN=uid instead of CN. Any thoughts on this one?

    ----

    What LDAP is configured?
    TDS6

    What is the user DN you would like to create?
    uid=jerry102,cn=users,dc=ibm,dc=com

    What do you have in WP PumaStoreService?
    store.puma_default.user.add.required.attributes sn
    store.puma_default.user.nonsupported.attributes certificate,identifier
    store.puma_default.user.fbadefault.filter uid
    store.puma_default.group.fbadefault.filter cn
    store.puma_default.puma.commonname.parts 1
    store.puma_default.puma.commonname.0 sn
    store.puma_default.puma.commonname {0}


    What is defined in wimconfig.xml?
    File attached (portal 6.1.0.2).

    Any error messages?
    CWWIM4520E The 'javax.naming.directory.SchemaViolationException: [LDAP: error code 65 - Object Class Violation]; remaining name 'uid=jerry102,cn=users,dc=ibm,dc=com'; resolved object com.sun.jndi.ldap.LdapCtx@27f827f8' naming exception occurred during processing.

  8. Re: Puma.Store does not configure the PUMA layer?

    "CN" is a required attribute to any "Person" related objectclasses. In this case, LDAP 65 is complaining you didn't provide a CN value for some reason. Try to create a user from Portal GUI first to see if it works. The PUMA configuration seems to be OK though.

    You may have to open a PMR such that we can set up traces and engage different support teams if necessary.

    -FF

    The postings on this site are my own and do not necessarily represent the positions, strategies or opinions of IBM.

  9. Re: Puma.Store does not configure the PUMA layer?

    Right ... creating users through the portal admin does work, and if our code includes CN attribute when calling puma, that too works (user is created, no error).

    Our basic question is ... can puma generate the CN in all cases so that our app does not need to generate it (if the store.puma stuff is properly set up)?

    It seems that with the config changes recommended above, the answer is "yes" ... for the RDN=CN case. (Seems like CN was generated by Puma ... not by our code ... and user created successfully).

    But this latest test above is for RDN=uid ... and seems the answer is "no" for this case ... unless config is still not quite right, or there's a bug somewhere :-)

  10. Re: Puma.Store does not configure the PUMA layer?

    They are two different things. RDN=CN or RDN=UID only tells us how your user DN will be constructed. It has nothing to do with the attribute CN of the user. If Portal GUI is working fine, the problem is likely in your own code.

    -FF

    The postings on this site are my own and do not necessarily represent the positions, strategies or opinions of IBM.

+ Reply to Thread