HCL Workload Automation, Version 9.4

LDAP server schema

About this task

When defining the schema in the LDAP server, consider that the Dynamic Workload Console 8.6 is based on Dashboard Application Services Hub, whose queries to the LDAP server assume that users have the uid attribute defined. LDAP users are queried only by the userid attribute. When users are imported into LDAP using an LDAP Data Interchange Format (LDIF) file, an auxiliary class of type eperson and a uid attribute are added to the LDAP user ID.

For more information, see the section about configuring an external LDAP repository: http://publib.boulder.ibm.com/infocenter/tivihelp/v15r1/index.jsp?.

Therefore, the LDAP server schema must contain the uid attribute and the object class must be eperson (the person object class used by the default schema does not support such an attribute). Moreover, to comply with the IDS for z/OS manual, useNativeAuth was set to all.

Example

Example of LDAP users defined:
LDAP Search is started ....
	Host = zos1166.MyUnit.es.MyOrg.com
	Port = 636
	Connection Type = SSL
	Timeout = 10 seconds
STEP 1 => Performing LDAP-SSL initialization
LDAP SSL initialization completed
STEP 2 => Connecting to LDAP server using the given credentials...
LDAP bind completed successfully.
STEP 3 => Searching on the server ...
--------------------------------------------------------------------
Enumerating attributes for DN : cn=John Doe, ou=MyUnit, o=MyOrg
cn = John Doe
sn = BORGIAN
objectclass = organizationalperson
objectclass = eperson
objectclass = top
objectclass = person

where

ou=MyUnit,o=MyOrg
ou=MyUnit
objectclass=top
objectclass=organizationalUnit
description=Tivoli organization

While defining the LDAP repository, Object Classes and Search bases have been adapted to this LDAP schema.
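
The schema requirement above (every user entry carries the eperson object class and a uid value) can be checked on an LDIF file before import. The following is an added example, not part of the product documentation: the sample entries are constructed, and the function names and the set of classes treated as user entries are assumptions.

```python
# Constructed sample LDIF (not taken from the product documentation).
SAMPLE_LDIF = """\
dn: cn=John Doe,ou=MyUnit,o=MyOrg
objectClass: person
objectClass: ePerson
cn: John Doe
uid: jdoe

dn: cn=Jane Roe,ou=MyUnit,
 o=MyOrg
objectClass: person

dn: cn=Sam Poe,ou=MyUnit,o=MyOrg
objectClass: eperson
uid:

dn: ou=MyUnit,o=MyOrg
objectClass: organizationalUnit
"""

# Assumption: entries carrying one of these classes are treated as users.
USER_CLASSES = {"person", "organizationalperson", "eperson"}

def parse_ldif(text):
    """Yield (dn, attrs) per entry; unfolds RFC 2849 continuation lines, skips comments."""
    unfolded = text.replace("\r\n", "\n").replace("\n ", "")
    for block in unfolded.split("\n\n"):
        attrs = {}
        for line in block.splitlines():
            if line.startswith("#") or ":" not in line:
                continue
            name, _, value = line.partition(":")
            attrs.setdefault(name.strip().lower(), []).append(value.strip())
        if "dn" in attrs:
            yield attrs["dn"][0], attrs

def check_users(text):
    """Return {dn: [problems]} for user entries lacking eperson or a uid value."""
    findings = {}
    for dn, attrs in parse_ldif(text):
        classes = {c.lower() for c in attrs.get("objectclass", [])}
        if not classes & USER_CLASSES:
            continue  # e.g. organizationalUnit entries
        problems = []
        if "eperson" not in classes:
            problems.append("objectclass eperson missing")
        if not any(attrs.get("uid", [])):
            problems.append("uid missing")
        if problems:
            findings[dn] = problems
    return findings
```

Calling check_users on the text of an LDIF file returns the entries that queries by uid would not find, keyed by DN.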