FEB / Connections Surveys – custom LDAP attributes

posted in: connections, Technical | 0

Thanks to Christopher Dawes in the IBM Forms support team a long running issue I have seen with FEB (Forms Experience Builder) / Connections surveys is now resolved!!

Once of my long standing very awesome customers was seeing a problem with Connections surveys. They do not use a standard LDAP attribute for their displayname – the cn is the employee number and the uid is a short name which is not always easy to differentiate between users. These are the 2 attributes that FEB expect to use as the user display name. Not always easy to tell who abc12345 is .. or sbell123 so I opened a PMR to get to the bottom of how to change this to a custom LDAP attribute – in this case we use fullName – which displays my user as Sharon E Bellamy.

After a bit of backwards and forwards, many logs and tracing and a bit of DB hacking to prove the theory we now have a solution.

So here is how to resolve it.

Firstly you need your custom LDAP attribute – fullName
You will the repository Id of your LDAP – this is basically the label you have given the LDAP in the configuration. In this case it was novell as the LDAP is Novell E Directory

LDAPID

 

 

 

 

 

 

but in another example here you can see an Active Directory example (ADInternal)

 

 

LDAPID2

 

 

 

 

 

 

 

Step 1:

Add a new WebSphere Entity Type – wsadmin

open a command prompt to the deployment manager/bin directory

run wsadmin (you do not need to set the lang type to jython)

enter the command to set the new entity type – were name = your LDAP attribute name and repositoryIds is your LDAP identifier

 

[blockquote]

$AdminTask addIfMgrPropertyToEntityTypes { -name fullName -dataType String -isMultiValued false -entityTypeNames PersonAccount -repositoryIds Novell}

[/blockquote]

 

 

 

 

 

This registers the attribute in the WIM config.

 

 

 

Step2:

Add the entity type into WebSphere

open the WebSphere admin console / ISC

browse to Security > Global Security > Configure federated repositories

Click on the link for your repository identifier (novell in my case)

LDAPID3

 

 

 

Once in the repository config, click on the Federated repositories property names to LDAP attribute mappings

 

LDAPIDs4

 

Enter a the new attribute for our custom LDAP entry (fullName)

 

LDAPIDs5

 

Where Name = a meaningful name for the new attribute

 

Property name = the LDAP attribute name

 

Entity types = PersonAccount

 

Apply and save

 

Save a lot

 

then restart the deployment manager.

 

Step 3:

Edit the Builder_config.properties on the node where FEB is installed (in my case the primary connections node)

the default directory where this is kept is

Windows – C:\IBM\Forms\extentions

Linux – /opt/IBM/Forms/extentions

Open the property file in your favourite text editor

near the top of the file ensure the

ibm.was.MemberManager.userProps.displayName property is not commented out and add your new LDAP attribute

in my case

 

[blockquote]

ibm.was.MemberManager.userProps.displayName = fullName

[/blockquote]

 

 

 

 

 

Save and close the file

 

and restart everything

 

Now when you create a survey or fill one in your new attribute it used.

Existing surveys are updated with the owner / creators name when they log in. The freedom (FEB) DB is updated when the user logs on and the display name is updated.

 

There you have it – took a while as there was a little bit of jiggery pokery with the wsadmin command and the PersonAccount attribute but it works 🙂

Hope this helps anyone else seeing the same problem

Leave a Reply