No Shared Pages with LDAP Login

  • 7000677
  • 16-Jun-2008
  • 27-Apr-2012

Environment

Novell Identity Manager User Application 3.6.0

Situation

After User Application installation, the first time a user logs into the User Application using a full LDAP DN, they will not see any Shared Pages that were created in the Administration portlet. Even on subsequent logins with the same user, using a simple ID, the user will never see the shared pages until you restart JBoss.
This is caused by the principalname column of the SECURITYPERMISSIONS table being populated with the default container information.
This was found to be a bug in the Novell Identity Manager User Application Installer 3.6.0.


Resolution

There are two ways to correct this:

1. If your database does not contain any custom data, you can:

shut down the application server,

run the configupdate tool to update the "User Container DN" field,

drop and recreate the database,

and restart the application server.

This will populate the database with the correct data.


2. If your database already contains custom data, you can:


run the following SQL statements on the SECURITYPERMISSIONS table:


update SECURITYPERMISSIONS set principalname = 'LDAPRealm\cn=admin,NEW_USER_CONTAINER' WHERE principalname = 'cn=admin,ou=medical-idmsample,o=novell';

update SECURITYPERMISSIONS set principalname = 'LDAPRealm\cn=admin-prov,NEW_USER_CONTAINER' WHERE principalname = 'cn=admin-prov,ou=medical-idmsample,o=novell';

update SECURITYPERMISSIONS set principalname = 'LDAPRealm\NEW_USER_CONTAINER' WHERE principalname = 'ou=medical-idmsample,o=novell';


NOTE: NEW_USER_CONTAINER is the user container the customer is using. In our sample data it is ou=medical-idmsample,o=novell, but in a customer environment it could be, for example, ou=users,o=corporation. NEW_USER_CONTAINER is therefore a placeholder string to be replaced with the value that fits the customer environment.
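
The following is an added example, not part of the original article or of Novell's tooling: it applies the three updates above with NEW_USER_CONTAINER substituted as a bound parameter, inside one transaction, and reports how many rows each update changed. It assumes an in-memory SQLite table as a stand-in for the real database (only the table and column names come from the article), and the `?` parameter marker will differ with other database drivers.

```python
import sqlite3

SAMPLE_CONTAINER = "ou=medical-idmsample,o=novell"  # default container named in the article
REALM_PREFIX = "LDAPRealm\\"  # realm prefix used in the article's UPDATE statements


def build_mapping(new_user_container):
    """Old principalname -> new principalname, mirroring the three UPDATE statements."""
    return {
        rdn + SAMPLE_CONTAINER: REALM_PREFIX + rdn + new_user_container
        for rdn in ("cn=admin,", "cn=admin-prov,", "")
    }


def remap_principals(conn, new_user_container):
    """Apply all updates in one transaction; return rows changed per old value."""
    changed = {}
    with conn:  # commits on success, rolls back if any statement raises
        for old, new in build_mapping(new_user_container).items():
            cur = conn.execute(
                "UPDATE SECURITYPERMISSIONS SET principalname = ? WHERE principalname = ?",
                (new, old),  # bound values: the backslash is passed through unchanged
            )
            changed[old] = cur.rowcount
    return changed


def demo():
    """Run against a constructed in-memory table (stand-in for the real database)."""
    conn = sqlite3.connect(":memory:")
    # Only the table and column names come from the article; the rest is constructed.
    conn.execute("CREATE TABLE SECURITYPERMISSIONS (id INTEGER PRIMARY KEY, principalname TEXT)")
    sample_rows = [
        "cn=admin," + SAMPLE_CONTAINER,
        "cn=admin-prov," + SAMPLE_CONTAINER,
        SAMPLE_CONTAINER,
        SAMPLE_CONTAINER,
        REALM_PREFIX + "cn=jdoe,ou=users,o=corporation",  # unrelated row, must not change
    ]
    conn.executemany("INSERT INTO SECURITYPERMISSIONS (principalname) VALUES (?)",
                     [(name,) for name in sample_rows])
    changed = remap_principals(conn, "ou=users,o=corporation")
    names = [row[0] for row in conn.execute("SELECT principalname FROM SECURITYPERMISSIONS ORDER BY id")]
    return changed, names


if __name__ == "__main__":
    for item in demo():
        print(item)
```

A row count of 0 for any of the old values means that principalname was not present in the table, which is worth checking before restarting the application server.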

Status

Reported to Engineering