Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Problem mapping user to admin role

Posted on 2011-02-14
6
Medium Priority
?
2,101 Views
Last Modified: 2013-12-11
Im having a weird problem.

I have written the smallest of script that map a User to a role in the admin console.

AdminTask.mapUsersToAdminRole('[-accessids [user:ldap.server.local:636/CN=username,OU=PEOPLE,DC=domainname,DC=local ] -userids [CN=username,OU=PEOPLE,DC=domainname,DC=local ] -roleName administrator]')

AdminConfig.save()

Thats it....

When I go back in the console, I DO see the user mapped as an Admin.
But if I try to use this user to log into the console I get this error message:

[2/14/11 9:35:20:352 EST] 00000015 WebCollaborat A   SECJ0129E: Authorization failed for user username:ldap.server.local:636 while invoking GET on admin_host:/ibm/console/, Authorization failed, Not granted any of the required roles: administrator operator configurator monitor nobody

If I delete the user and do it using the console it works... but when Using scripts.... it does not...

Anyone have an idea about that?
0
Comment
Question by:Groupe Promutuel
6 Comments
 

Expert Comment

by:RishiBang
ID: 34902709
Hi promutuel,

Though you have mapped the user to the Admin Role using scripts the configuration will be updated
But the Admin Console as a web app may not be aware of this and you need to add the specific  user to the "console users"s section of the Admin Console.

Thanks,
Rishi.
0
 

Author Comment

by:Groupe Promutuel
ID: 34906952
If I go in the console, the users are listed as Administrator, in fact if I use a script to add two users and then go into the console and delete one of those two user, the second one starts to work...

I have opened a service call on IBM support regarding this issue.

btw: I also have restarted the WAS in between so it's not a restart to reload the config either.
0
 

Author Comment

by:Groupe Promutuel
ID: 34906964
Also sometimes... something like 1/10 time.. it does work... and both the users work ... but most of the time it does not...
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 2

Expert Comment

by:sunnysunny
ID: 34956962
Do you have a federated repository ? If yes then users must be unique across the ldap and file realm.
0
 
LVL 1

Assisted Solution

by:WebSphereGoddess
WebSphereGoddess earned 2000 total points
ID: 35159579
If your on WAS 7 ND, You may need to add a syncNode in there after you execute your save.  Are you running single server or cluster?  
0
 
LVL 1

Accepted Solution

by:
WebSphereGoddess earned 2000 total points
ID: 35478666
your script is correct.  I just tested it on V7.0.0.11.  However I had to bounce the environment before it would take... (node agents, dmgr, everything).
If after you do that let me know if your still having the problem.
0

Featured Post

Ask an Anonymous Question!

Don't feel intimidated by what you don't know. Ask your question anonymously. It's easy! Learn more and upgrade.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Verbose logging is used to diagnose garbage collector problems. By default, -verbose:gc output is written to either native_stderr.log or native_stdout.log.   It is also possible to redirect the logs to a user-specified file. This article will de…
This exercise is about for the following scenario: Dmgr and One node with 2 application server. Each application server contains it owns application. Application server name as follows server1 contains app1 server2 contains app1 Prereq…
Are you ready to place your question in front of subject-matter experts for more timely responses? With the release of Priority Question, Premium Members, Team Accounts and Qualified Experts can now identify the emergent level of their issue, signal…
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…

963 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question