We had an odd scenario with a Novell directory, where the uid attribute was mapped to another attribute. To support this scenario, we first had to modify wimconfig.xml in the WebSphere configuration to expose uid as another attribute (edit under <config:attributeConfiguration>):
<config:attributeConfiguration>
<config:attributes name="customUid" propertyName="uid">
<config:entityTypes>PersonAccount</config:entityTypes>
</config:attributes>
</config:attributeConfiguration>
Then, after mapping the following for the TDI scripts in map_db_from_source.properties,
guid=customUid
uid=customUid
we noticed that every user trying to access got an exception like this one:
AssertionException: Unsupported access by user with no profile: cn=FRANCESCO DE COLLIBUS,ou=users,dc=test,dc=com
Running the SQL query
db2
connect to PEOPLEDB
select * from EMPINST.EMPLOYEE where PROF_SURNAME like '%De Collibus%'
my record in the database was correctly found.
So we deployed the snoop servlet and saw how the user was presenting himself to Connections:
the UserPrincipal and the RemoteUser both contained the DistinguishedName.
So in map_db_from_source.properties we mapped
loginId=$dn
We ran the sync_all_dns script, and now users can access correctly.
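The diagnosis above as an added example, not code from the original post or from the product: it extracts the rejected principals from log lines, checks whether each one is DN-shaped, and checks whether map_db_from_source.properties maps loginId to $dn. The log lines and function names are constructed for illustration, and the DN test is a loose shape check only.

```python
import re

# Constructed sample input, modeled on the exception and mappings shown above.
SAMPLE_LOG = """\
[constructed] AssertionException: Unsupported access by user with no profile: cn=FRANCESCO DE COLLIBUS,ou=users,dc=test,dc=com
[constructed] AssertionException: Unsupported access by user with no profile: jdoe
"""
MAPPING_BEFORE = "guid=customUid\nuid=customUid\n"
MAPPING_AFTER = MAPPING_BEFORE + "loginId=$dn\n"

NO_PROFILE = re.compile(r"Unsupported access by user with no profile:\s*(.+?)\s*$")
# Loose RDN shape: attr=value with no comma in the value (escaped commas not handled).
RDN = re.compile(r"^\s*[A-Za-z][A-Za-z0-9.-]*\s*=\s*[^,]+$")

def parse_properties(text):
    """Parse key=value lines, skipping blanks and # / ! comment lines."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and line[0] not in "#!" and "=" in line:
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props

def looks_like_dn(principal):
    """True when the principal is two or more comma-separated attr=value parts."""
    parts = principal.split(",")
    return len(parts) > 1 and all(RDN.match(p) for p in parts)

def rejected_principals(log_text):
    """Return the principal from every 'no profile' line, in log order."""
    hits = (NO_PROFILE.search(line) for line in log_text.splitlines())
    return [m.group(1) for m in hits if m]

def diagnose(log_text, mapping_text):
    """Pair each rejected principal with the likely cause of the rejection."""
    dn_mapped = parse_properties(mapping_text).get("loginId") == "$dn"
    findings = []
    for principal in rejected_principals(log_text):
        if not looks_like_dn(principal):
            reason = "not a DN; check which attribute this login value comes from"
        elif dn_mapped:
            reason = "loginId=$dn is mapped; run the sync so the DN reaches the database"
        else:
            reason = "principal is a DN but loginId is not mapped to $dn"
        findings.append((principal, reason))
    return findings

if __name__ == "__main__":
    for principal, reason in diagnose(SAMPLE_LOG, MAPPING_BEFORE):
        print(f"{principal}: {reason}")
```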