PQ74381: FIX INSTRUCTIONS FOR UPDATING ACL FOR LDAP TO REFLECT CHANGES INCASE OF TDBM IN INSTALLATION & CUSTOMIZATION GUIDE.

APAR status
Closed as documentation error.

Error description
Installation and Customomization book -> Chapter 4 -> "Steps for
updating the access control list for LDAP" needs to be modified
reflect the difference in the ACL entries in case customer is
using TDBM. The current examples shown are for the RDBM format.
.
Step 5 should be modified to say that incase you are using TDBM
you must ensure that your new aclentries are of the TDBM format.
.
Example for TDBM format aclentries (each in single line):
.
aclentry: group:CN=ANYBODY:normal:rsc
aclentry: access-id:racfid=CBSYMCR1,profiletype=user,o=WASLRAC
:normal:rwsc:sensitive:rwsc:critical:rwsc:object:ad
aclentry: access-id:racfid=CBADMIN,profiletype=user,o=WASLRAC
:normal:rwsc:sensitive:rwsc:critical:rwsc:object:ad
.
Make sure the aclentry you enter for the new administrator has
the above TDBM format incase you are using TDBM as your backend.
Local fix Problem summary
****************************************************************
* USERS AFFECTED: All users of WebSphere Application Server    *
*                 V4.0.1 for z/OS and OS/390                   *
****************************************************************
* PROBLEM DESCRIPTION: The WebSphere for z/OS: Installation    *
*                      and Customization publication should be *
*                      updated to include differentiation      *
*                      between RDBM and TDBM backend           *
*                      aclentries.                             *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
The WebSphere for z/OS: Installation and Customization
publication should be updated to include differentiation between
RDBM and TDBM backend aclentries.
Problem conclusion
APAR PQ74381 requires changes to documentation.

A change to V4.0.1 WebSphere for z/OS: Messages and Diagnosis
GA22-7837-06 will be available in the next refresh of the
documentation. To access the latest online documentation, go to
the product library page at:

www.ibm.com/software/webservers/appserv/zos_os390/library/

The following change appears in the book on page 224:

Example: The following are examples of aclentry statements you
should use if your backend is RDBM.
aclentry: access-id:cn=BOSSAdmin, o=boss, c=us:normal:rwsc:
  object:ad
aclentry: access-id:USER1:normal:rwsc:object:ad
aclentry: access-id:CBADMIN:normal:rwsc:object:ad
aclentry: access-id:CBSYMCR1:normal:rwsc:object:ad
aclentry: group:CN=ANYBODY:normal:rsc
-

Example: The following are examples of aclentry statements you
should use if your backend is TDBM.
aclentry: group:CN=ANYBODY:normal:rsc
aclentry: access-id:racfid=CBSYMCR1,profiletype=user,o=WASLRAC:
  normal:rwsc:sensitive:rwsc:critical:rwsc:object:ad
aclentry: access-id:racfid=CBADMIN,profiletype=user,o=WASLRAC:
  normal:rwsc:sensitive:rwsc:critical:rwsc:object:ad
Temporary fix Comments
APAR information
APAR number PQ74381
Reported component name WASKBASE
Reported component ID 5655A9801
Reported release 401
Status CLOSED DOC
PE NoPE
HIPER NoHIPER
Submitted date 2003-05-20
Closed date 2003-07-22
Last modified date 2003-07-22

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Modules/Macros

Fix information

Applicable component levels


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server for z/OS
Operating system(s):
Software version: 401
Software edition:
Reference #: PQ74381
IBM Group: Software Group
Modified date: Jul 22, 2003