Social Connections VI - Do you know WIM ?
Upcoming SlideShare
Loading in...5
×

Like this? Share it with your network

Share

Social Connections VI - Do you know WIM ?

  • 379 views
Uploaded on

Do you know WIM ? Integration points of IBM Connections into the security parts of Websphere.

Do you know WIM ? Integration points of IBM Connections into the security parts of Websphere.

More in: Internet , Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
No Downloads

Views

Total Views
379
On Slideshare
348
From Embeds
31
Number of Embeds
2

Actions

Shares
Downloads
16
Comments
0
Likes
2

Embeds 31

http://socialconnections.info 30
https://www.linkedin.com 1

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Thank you for the sponsors
  • 2. Big thanks for my sponsor
  • 3. Do you know WIM ?
  • 4. Introduction ● Sjaak Ursinus ● Working 11 Years for ilionx as consultant ● Working with IBM Connections since Jan 2007 ● IBM Champion since start of program ● Twitter → sursinus ● Skype → sursinus ● Linkedin → www.linkedin.com/in/sursinus ● Various other social website's
  • 5. Purpose of this presentation ● Knowledge about how IBM Connections (DSX/Waltz) integrates with WIM/VMM ● Knowledge about what to do when some things don't work in IBM Connections ● Why IBM States in documentation that some attributes of LDAP need to be mapped to certain COLUMNS in the PEOPLEDB ● Beter understanding how things work so you can play with configs in your environment when needed (warning : leave default as much as possible)
  • 6. Agenda ● Websphere Identity Manager components ● Explaining DSX ● How does this all work together ● Example ● Recap ● Questions
  • 7. What do we call WIM ?
  • 8. What do we call WMM/VMM ?
  • 9. What do we call DSX ? ● DSX stands for Directory Service Extension ● Is part of IBM Connections profiles and communities ● Is enabled in LotusConnections-config.xml – <sloc:serviceReference profiles_directory_service_extension_enabled="true " serviceName="directory"/> ● WALTZ = Client for DSX and VMM (or LDAP) ● WPI = Waltz Profile Integration ● WCI = Waltz Communities Integration
  • 10. So what is VMM ● VMM is basically an LDAP of its own ● With its own Schema ● Schema can be manipulated ● <node_profile>configcells<CellName>wim – config – model ● wimconfig.xml & wimdomain.xsd & wimxmlextension.xml
  • 11. Login properties
  • 12. Login properties ● So the login properties are LDAP attributes ? NO! ● As said before VMM has its own schema ● The first VMM login property is a special one because that is mapped to userPrincipal ● Connections applications use this userPrincipal property to interface with WPI
  • 13. DSX ● /profiles/dsx/instance.do?login=<userPrincipal> ● /profiles/dsx/instance.do?idKey=<GUID> ● /communities/dsx/instance.do? idKey=<COMMUNITY_UUID> ● /communities/dsx/membership.do? idKey=<GUID>&role=<1 or 2 or 3>
  • 14. WPI Output example <?xml version="1.0" encoding="UTF-8"?> <feed xmlns:dsx="http://www.ibm.com/xmlns/prod/sn/dsx" xmlns="http://www.w3.org/2005/Atom"> <entry> <dsx:type>0</dsx:type> <dsx:idKey>DA196B2C-59A3-A631-C125-7A4F0052EE36</dsx:idKey> <dsx:name>Thije Beldman</dsx:name> <dsx:email>Thije.Beldman@linkedx.nl</dsx:email> <dsx:dn>CN=Thije Beldman,OU=nl,O=linkedx</dsx:dn> <dsx:sourceUrl>ldap://ics-lx-dom.linkedx.nl:389/(undefined=_search_base_)?(&amp; (uid=*)(objectclass=inetOrgPerson)) </dsx:sourceUrl> <dsx:userState>0</dsx:userState> <dsx:login>tbeldman</dsx:login> <dsx:login>thije.beldman@linkedx.nl</dsx:login> <dsx:ext prop="base$profileType">default</dsx:ext> <dsx:ext prop="acl$profile.status.update">true</dsx:ext> </entry> </feed>
  • 15. DSX ● /profiles/dsx/instance.do?login=<userPrincipal> ● /profiles/dsx/instance.do?idKey=<GUID> ● /communities/dsx/instance.do? idKey=<COMMUNITY_UUID> ● /communities/dsx/membership.do? idKey=<GUID>&role=<1 or 2 or 3>
  • 16. WCI Output example <feed xmlns="http://www.ibm.com/xmlns/prod/sn/dsx"> <entry> <dsx:type>2</dsx:type> <dsx:idKey>9b320be5-d604-4219-99bb-82fdc895883f</dsx:idKey> <dsx:name>Info</dsx:name> <dsx:privacy>0</dsx:privacy> <dsx:orgID></dsx:orgID> <dsx:internalOnly>true</dsx:internalOnly> </entry> </feed>
  • 17. DSX ● /profiles/dsx/instance.do?login=<userPrincipal> ● /profiles/dsx/instance.do?idKey=<GUID> ● /communities/dsx/instance.do? idKey=<COMMUNITY_UUID> ● /communities/dsx/membership.do? idKey=<GUID>&role=<1 or 2 or 3>
  • 18. DSX Configuration ● LotusConnections-config.xml ● <sloc:serviceReference profiles_directory_service_extension_enabled="true" serviceName="directory"/> ● directory.services.xml (is not used anymore afaik) ● custom_user_id_attribute ● custom_group_id_attribute ● ldap_group_membership_directory_service_enabled (undocumented)
  • 19. Member tables ● Every app has its own member table ● Because of independent developed applications in IBM TAP's environment ● DSX (WPI/WCI) is the VMM for IBM Connections ● WALTZ is the glue between DSX and VMM ● http://www.stickfight.co.uk/blog/Connections-Db- Schema-Tip2-Finding-the-UserID ● Basically every application member table is a profiles table on its own
  • 20. Example ● EmployeeID (attribute available according domino schema) ● Not default available in VMM schema ● VMM schema need to be extended ● Can then be used by VMM ● Can then be used by DSX/Waltz – <sloc:serviceReference profiles_directory_service_extension_enabled="true " custom_user_id_attribute="EmployeeID" serviceName="directory"/>
  • 21. wimxmlextension.xml <?xml version="1.0" encoding="UTF-8"?> <sdo:datagraph xmlns:sdo="commonj.sdo" xmlns:wim=" http://www.ibm.com/websphere/wim"> <wim:schema> <wim:propertySchema nsURI="http://www.ibm.com/websphere/wim" dataType="String" multiValued="false" propertyName="EmployeeID"> <wim:applicableEntityTypeNames>PersonAccount </wim:applicableEntityTypeNames> </wim:propertySchema> </wim:schema> </sdo:datagraph>
  • 22. Example ● EmployeeID (attribute available according domino schema) ● Not default available in VMM schema ● VMM schema need to be extended ● Can then be used by VMM ● Can then be used by DSX/Waltz – <sloc:serviceReference profiles_directory_service_extension_enabled="true " custom_user_id_attribute="EmployeeID" serviceName="directory"/>
  • 23. Recap ● We have talked about WIM and VMM ● We have talked about DSX and what it does for IBM Connections ● We have talked about WALTZ and where it is used for ● Member tables have been explained as well ● I have shown how all these different components work together ● I have shown where config settings can be applied and how they need to be applied
  • 24. Thank you for the sponsors