APAR status
Closed as program error.
Error description
The LDAP repository WCM uses may be configured to use multiple branches (or organizational units) in a single realm where different users can exist, for example: cn=John Smith,ou=Portal Users,o=IBM cn=Joan Stevens,ou=WCM Users,o=IBM If the user DNs change for any reason (e.g. a user or organizational unit changes name), the member fixer module can not be used to update the user references in WCM items because it currently does not support updating users when their common name (cn) has changed. Problem Analysis: The member fixer module was constructing the new DNs based off the configured values in the wpconfig.properties file which only allowed for a single user suffix to be specified or it could only update the DN entry when the CN was the same. (ie organizational unit and/or organization could be different).
Local fix
The member fixer module's "alt_dn" mode now checks for specific mapped alternate DNs in the aptrixjpe.properties file before using the configured values in the wpconfig.properties file. You should perform the following steps to map user and group DNs in the aptrixjpe.properties file before running the member fixer module: User and group DN syntax changes should be mapped in the PortalServer\wcm\config\aptrixjpe.properties file like so: EXISTING_DN_KEY=NEW_DN_SYNTAX where: EXISTING_DN_KEY is the key constructed from the existing DN by replacing all equals characters "=" and spaces " " with underscores "_". NEW_DN_SYNTAX is the replacement DN syntax. For example, if you have a user branch with the following DN syntax: cn=Jane Smith,ou=Portal Users,o=IBM You construct the EXISTING_DN_KEY by replacing all "=" and " " with "_" in the DN, so in this example the EXISTING_DN_KEY will be: cn_Jane_Smith,ou_Portal_Users,o_IBM If you are changing the syntax of this branch to: cn=Jane Jones,ou=Portal,o=IBM The NEW_DN_SYNTAX will be the new DN as is. This gives you the following mapping entry in your aptrixjpe.properties file: cn_Jane_Smith,ou_Portal_Users,o_IBM=cn=Jane Jones,ou=Portal,o=IBM You can of course have mapping entries for multiple users that need to explicitly mapped to a new DN cn_Jane_Smith,ou_Portal_Users,o_IBM=cn=Jane Jones,ou=Portal,o=IBM cn_Mary_Jane,ou_WCM_Users,o_IBM=cn=Mary Smith,ou=WCM,o=IBM You could then run the member fixer as normal using the alt_dn option: http://[HOST]:[PORT]/wps/wcm/connect?MOD=MemberFixer&library=[LI BRARY_NAME]&alt_dn=UPDATE&fix=true
Problem summary
Member fixer module cannot update CN part of a users DN. Detailed Problem Description: The LDAP repository WCM uses may be configured to use multiple branches (or organizational units) in a single realm where different users can exist, for example: cn=John Smith,ou=Portal Users,o=IBM cn=Joan Stevens,ou=WCM Users,o=IBM If the user DNs change for any reason (e.g. a user or organizational unit changes name), the member fixer module can not be used to update the user references in WCM items because it currently does not support updating users when their common name (cn) has changed. Problem Analysis: The member fixer module was constructing the new DNs based off the configured values in the wpconfig.properties file which only allowed for a single user suffix to be specified or it could only update the DN entry when the CN was the same. (ie organizational unit and/or organization could be different).
Problem conclusion
The member fixer module's "alt_dn" mode now checks for specific mapped alternate DNs in the aptrixjpe.properties file before using the configured values in the wpconfig.properties file. You should perform the following steps to map user and group DNs in the aptrixjpe.properties file before running the member fixer module: User and group DN syntax changes should be mapped in the PortalServer\wcm\config\aptrixjpe.properties file like so: EXISTING_DN_KEY=NEW_DN_SYNTAX where: EXISTING_DN_KEY is the key constructed from the existing DN by replacing all equals characters "=" and spaces " " with underscores "_". NEW_DN_SYNTAX is the replacement DN syntax. For example, if you have a user branch with the following DN syntax: cn=Jane Smith,ou=Portal Users,o=IBM You construct the EXISTING_DN_KEY by replacing all "=" and " " with "_" in the DN, so in this example the EXISTING_DN_KEY will be: cn_Jane_Smith,ou_Portal_Users,o_IBM If you are changing the syntax of this branch to: cn=Jane Jones,ou=Portal,o=IBM The NEW_DN_SYNTAX will be the new DN as is. This gives you the following mapping entry in your aptrixjpe.properties file: cn_Jane_Smith,ou_Portal_Users,o_IBM=cn=Jane Jones,ou=Portal,o=IBM You can of course have mapping entries for multiple users that need to explicitly mapped to a new DN cn_Jane_Smith,ou_Portal_Users,o_IBM=cn=Jane Jones,ou=Portal,o=IBM cn_Mary_Jane,ou_WCM_Users,o_IBM=cn=Mary Smith,ou=WCM,o=IBM You could then run the member fixer as normal using the alt_dn option: http://[HOST]:[PORT]/wps/wcm/connect?MOD=MemberFixer&library=[LI BRARY_NAME]&alt_dn=UPDATE&fix=true An interim fix is available for this APAR from Fix Central at: http://www.ibm.com/eserver/support/fixes/fixcentral/swgquickorde r?brandid=2&productid=Workplace%20Web%20Content%20Management&fix es=6.0.1.2-WCM-PK57646 You will need to cut/paste the entire URL into a browser to resolve the address.
Temporary fix
Comments
APAR Information
APAR number
PK57646
Reported component name
WRKPLC WEB CON
Reported component ID
5724I2900
Reported release
60F
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2007-12-06
Closed date
2007-12-10
Last modified date
2008-02-22
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
WRKPLC WEB CON
Fixed component ID
5724I2900
Applicable component levels
R60G PSY
UP
[{"Business Unit":{"code":null,"label":null},"Product":{"code":"SUPPORT","label":"IBM Worldwide Support"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"6.0.1.2","Edition":"","Line of Business":{"code":null,"label":null}}]
Document Information
Modified date:
10 September 2020