Social Connections VI - Do you know WIM ?

794 views

Published on

Do you know WIM ? Integration points of IBM Connections into the security parts of Websphere.

Published in: Internet, Technology
0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
794
On SlideShare
0
From Embeds
0
Number of Embeds
50
Actions
Shares
0
Downloads
22
Comments
0
Likes
2
Embeds 0
No embeds

No notes for slide

Social Connections VI - Do you know WIM ?

  1. 1. Thank you for the sponsors
  2. 2. Big thanks for my sponsor
  3. 3. Do you know WIM ?
  4. 4. Introduction ● Sjaak Ursinus ● Working 11 Years for ilionx as consultant ● Working with IBM Connections since Jan 2007 ● IBM Champion since start of program ● Twitter → sursinus ● Skype → sursinus ● Linkedin → www.linkedin.com/in/sursinus ● Various other social website's
  5. 5. Purpose of this presentation ● Knowledge about how IBM Connections (DSX/Waltz) integrates with WIM/VMM ● Knowledge about what to do when some things don't work in IBM Connections ● Why IBM States in documentation that some attributes of LDAP need to be mapped to certain COLUMNS in the PEOPLEDB ● Beter understanding how things work so you can play with configs in your environment when needed (warning : leave default as much as possible)
  6. 6. Agenda ● Websphere Identity Manager components ● Explaining DSX ● How does this all work together ● Example ● Recap ● Questions
  7. 7. What do we call WIM ?
  8. 8. What do we call WMM/VMM ?
  9. 9. What do we call DSX ? ● DSX stands for Directory Service Extension ● Is part of IBM Connections profiles and communities ● Is enabled in LotusConnections-config.xml – <sloc:serviceReference profiles_directory_service_extension_enabled="true " serviceName="directory"/> ● WALTZ = Client for DSX and VMM (or LDAP) ● WPI = Waltz Profile Integration ● WCI = Waltz Communities Integration
  10. 10. So what is VMM ● VMM is basically an LDAP of its own ● With its own Schema ● Schema can be manipulated ● <node_profile>configcells<CellName>wim – config – model ● wimconfig.xml & wimdomain.xsd & wimxmlextension.xml
  11. 11. Login properties
  12. 12. Login properties ● So the login properties are LDAP attributes ? NO! ● As said before VMM has its own schema ● The first VMM login property is a special one because that is mapped to userPrincipal ● Connections applications use this userPrincipal property to interface with WPI
  13. 13. DSX ● /profiles/dsx/instance.do?login=<userPrincipal> ● /profiles/dsx/instance.do?idKey=<GUID> ● /communities/dsx/instance.do? idKey=<COMMUNITY_UUID> ● /communities/dsx/membership.do? idKey=<GUID>&role=<1 or 2 or 3>
  14. 14. WPI Output example <?xml version="1.0" encoding="UTF-8"?> <feed xmlns:dsx="http://www.ibm.com/xmlns/prod/sn/dsx" xmlns="http://www.w3.org/2005/Atom"> <entry> <dsx:type>0</dsx:type> <dsx:idKey>DA196B2C-59A3-A631-C125-7A4F0052EE36</dsx:idKey> <dsx:name>Thije Beldman</dsx:name> <dsx:email>Thije.Beldman@linkedx.nl</dsx:email> <dsx:dn>CN=Thije Beldman,OU=nl,O=linkedx</dsx:dn> <dsx:sourceUrl>ldap://ics-lx-dom.linkedx.nl:389/(undefined=_search_base_)?(&amp; (uid=*)(objectclass=inetOrgPerson)) </dsx:sourceUrl> <dsx:userState>0</dsx:userState> <dsx:login>tbeldman</dsx:login> <dsx:login>thije.beldman@linkedx.nl</dsx:login> <dsx:ext prop="base$profileType">default</dsx:ext> <dsx:ext prop="acl$profile.status.update">true</dsx:ext> </entry> </feed>
  15. 15. DSX ● /profiles/dsx/instance.do?login=<userPrincipal> ● /profiles/dsx/instance.do?idKey=<GUID> ● /communities/dsx/instance.do? idKey=<COMMUNITY_UUID> ● /communities/dsx/membership.do? idKey=<GUID>&role=<1 or 2 or 3>
  16. 16. WCI Output example <feed xmlns="http://www.ibm.com/xmlns/prod/sn/dsx"> <entry> <dsx:type>2</dsx:type> <dsx:idKey>9b320be5-d604-4219-99bb-82fdc895883f</dsx:idKey> <dsx:name>Info</dsx:name> <dsx:privacy>0</dsx:privacy> <dsx:orgID></dsx:orgID> <dsx:internalOnly>true</dsx:internalOnly> </entry> </feed>
  17. 17. DSX ● /profiles/dsx/instance.do?login=<userPrincipal> ● /profiles/dsx/instance.do?idKey=<GUID> ● /communities/dsx/instance.do? idKey=<COMMUNITY_UUID> ● /communities/dsx/membership.do? idKey=<GUID>&role=<1 or 2 or 3>
  18. 18. DSX Configuration ● LotusConnections-config.xml ● <sloc:serviceReference profiles_directory_service_extension_enabled="true" serviceName="directory"/> ● directory.services.xml (is not used anymore afaik) ● custom_user_id_attribute ● custom_group_id_attribute ● ldap_group_membership_directory_service_enabled (undocumented)
  19. 19. Member tables ● Every app has its own member table ● Because of independent developed applications in IBM TAP's environment ● DSX (WPI/WCI) is the VMM for IBM Connections ● WALTZ is the glue between DSX and VMM ● http://www.stickfight.co.uk/blog/Connections-Db- Schema-Tip2-Finding-the-UserID ● Basically every application member table is a profiles table on its own
  20. 20. Example ● EmployeeID (attribute available according domino schema) ● Not default available in VMM schema ● VMM schema need to be extended ● Can then be used by VMM ● Can then be used by DSX/Waltz – <sloc:serviceReference profiles_directory_service_extension_enabled="true " custom_user_id_attribute="EmployeeID" serviceName="directory"/>
  21. 21. wimxmlextension.xml <?xml version="1.0" encoding="UTF-8"?> <sdo:datagraph xmlns:sdo="commonj.sdo" xmlns:wim=" http://www.ibm.com/websphere/wim"> <wim:schema> <wim:propertySchema nsURI="http://www.ibm.com/websphere/wim" dataType="String" multiValued="false" propertyName="EmployeeID"> <wim:applicableEntityTypeNames>PersonAccount </wim:applicableEntityTypeNames> </wim:propertySchema> </wim:schema> </sdo:datagraph>
  22. 22. Example ● EmployeeID (attribute available according domino schema) ● Not default available in VMM schema ● VMM schema need to be extended ● Can then be used by VMM ● Can then be used by DSX/Waltz – <sloc:serviceReference profiles_directory_service_extension_enabled="true " custom_user_id_attribute="EmployeeID" serviceName="directory"/>
  23. 23. Recap ● We have talked about WIM and VMM ● We have talked about DSX and what it does for IBM Connections ● We have talked about WALTZ and where it is used for ● Member tables have been explained as well ● I have shown how all these different components work together ● I have shown where config settings can be applied and how they need to be applied
  24. 24. Thank you for the sponsors

×