Infosphere 11.5 - LDAP AD Authentication

A forum for discussing DataStage<sup>®</sup> basics. If you're not sure where your question goes, start here.

Moderators: chulett, rschirm, roy

Post Reply
skathaitrooney
Participant
Posts: 103
Joined: Tue Jan 06, 2015 4:30 am

Infosphere 11.5 - LDAP AD Authentication

Post by skathaitrooney »

Hello Experts,

We recently installed Infosphere 11.5 on our systems. It is a WAS standalone configuration. The engine and services tier are on the same computer.

We configured WAS admin console as described in the IBM docs to use LDAP.

https://www.ibm.com/support/knowledgece ... view=embed

We followed the steps as mentioned in the IBM notes. When we restarted WAS, we are able to login to WAS admin console using the LDAP userid, but when we try to login to the IIS consoles using the same WAS LDAP user id, it gives us an error saying that the User should have Suite User roles to proceed.

I even added my own LDAP id using the DirectoryAdmin tool as Administrator, but still it is popping up this same error.

Can anyone help me here?
Top
ray.wurlod
Participant
Posts: 54607
Joined: Wed Oct 23, 2002 10:52 pm
Location: Sydney, Australia
Contact:
Contact ray.wurlod

Post by ray.wurlod »

Can you view the WAS admin user within the Users panel of web console for Information Server? If so, does it have Suite User role?
IBM Software Services Group
Any contribution to this forum is my own opinion and does not necessarily reflect any position that IBM may hold.
Top
skathaitrooney
Participant
Posts: 103
Joined: Tue Jan 06, 2015 4:30 am

Post by skathaitrooney »

Thanks Ray for replying. The issue itself is that i am not able to login to IIS Console. Though the IBM product documentations mention that the WAS user id is by default granted an admin role when you switch to LDAP.
I tried listing out the access levels of the WAS admin id (the LDAP id) using the DirectoryAdmin tool, turns out all the access are intact for this id.
DataStageAdmin
FastTrackAdministrator
GlossaryAdmin
ISDAdministrator
MDWAdministrator
RulesAdministrator
SorcererAdmin
SuiteAdmin
SuiteUser

But when i try to login to IIS console, get an error stating that you need SuiteUser role to login :S
Top
skathaitrooney
Participant
Posts: 103
Joined: Tue Jan 06, 2015 4:30 am

Post by skathaitrooney »

Also, i have a doubt that what would happen to the default datastage admin user - dsadm which is a local OS user and not an LDAP AD user ?

Will we still be able to use this user to login to DataStage clients ?
Top
skathaitrooney
Participant
Posts: 103
Joined: Tue Jan 06, 2015 4:30 am

Post by skathaitrooney »

So IBM asked us to us LDAP using Federated Repositories. After switching to Federated Repositories our issue resolved.

IBM also said that they highly recommend Federated Repositories due to its scalability and ability to use multiple repositories.
Top
Post Reply

Return to “General”