Recommended Resources
Abstract
This technote covers collecting data for security configuration issues with IBM WebSphere Portal 6.1 on z/OS. Gathering this information before calling IBM Support will help to understand the problem and save time analyzing the data.
Content
If you already contacted IBM Support or must collect data to determine the nature of a problem in WebSphere Portal, review the following information as well as Collecting Data: Read first for WebSphere Portal.
Collecting Security Configuration Task specific information
Security configuration tasks addressed by this MustGather information include:
* Configuring Portal to use federated registry
* Configuring security to a Standalone LDAP server
* Adding a federated LDAP repository to the VMM configuration
* Adding a federated database repository to the VMM configuration
Note that this does not cover advance security configuration tasks or using third party security products.
1. Provide the following details about the problem:
- Version information for products involved:
- WebSphere Portal
- WebSphere Application Server
- LDAP (if the config task involves enabling/update to LDAP user registry)
- Database type and version
- Topology of the environment including whether the system is a stand-alone or clustered environment (if the latter, primary vs. secondary node)
2. Collect Job logs from any or all of the following jobs that may have been run, depending on your configuration scenario:
A. Configuring security to a stand-alone LDAP server
EJPSSELV
EJPSSEL
B. Configuring security to use federated repository
EJPSSEF
C. Configuring security to add a database to the federated repository
EJPSRACL
EJPSCRLA
EJPSDBNP
EJPSSEB
EJPSSENT
EJPSSERQ
D. Configuring security to add an LDAP to the federated repository
EJPSSERV
EJPSSER
EJPSSERQ
EJPSSERQ
EJPSSENT
EJPSSENT
3. Collect the following files from WebSphere Portal for the time period when the configuration task was attempted:
- Portal Server servant and control region job logs
- WAS (server1) servant and control region job logs (standalone Portal) or Deployment Manager servant and control region logs(clustered systems)
- <WP_profile_root>/config/cells/<cellname>/security.xml
- <WP_profile_root>/config/cells/<cellname>/nodes/<nodename>/servers/WebSphere_Portal/resources.xml (for a stand-alone Portal) or <Dmgr_profile_root>/config/cells/<cellname>/clusters/<cluster_name>/resources.xml (for clustered Portal system)
- <WP_profile_root>/config/cells/<cellname>/wim (including sub-directories)
- <WP_profile_root>/config/cells/<cellname>/fileregistry.xml
- If the configuration task involves enabling security for LDAP registry, LDIF export(s) or ldapsearch output of the WebSphere Portal administrator user, WebSphere Portal administrator group and a regular (non-admin) user from the LDAP
Note: For a clustered environment, please also submit the following configuration files from the deployment manager:
- <DMGR_profile_root>/config/cells/<cellname>/security.xml
- <DMGR_profile_root>/config/cells/<cellname>/nodes/<nodename>/servers/WebSphere_Portal/resources.xml (located in /clusters/<cluster_name> for clustered server)
- <DMGR_profile_root>/config/cells/<cellname>/wim (including sub-directories)
- <DMGR_profile_root>/config/cells/<cellname>/fileregistry.xml
- <DMGR_profile_root>/config/cells/<cellname>/variables.xml
Note: If you are manually submitting the files from both the WebSphere Portal server and the Deployment manager, please ensure that IBM Support can differentiate between the two sets of files.
Be certain to indicate the relevant details (date and time, test case, user ID, etc) to IBM Support in your communications, and use specific entries from the log to illustrate the problem reported if possible.
Send files to IBM Support by using the instructions outlined in Exchanging information with IBM Technical Support for problem determination.
Was this topic helpful?
Document Information
Modified date:
03 December 2021
UID
swg21398218