PQ73174: WEBSPHERE INSTALLATION AND CUSTOMIZATION BOOK NEEDS TO BE UPDATED TO REFLECT ACL LDAP COMMAND CHANGE FOR Z/OS 1.4.

APAR status
Closed as documentation error.

Error description
Installation and Customization book -> Chapter 4 ->"Adding a new
Administrator for the Administration Application." -> "Steps for
updating the Access Control List for ldap",
.
Step 3 in this section should be updated as follows:
.
Extract the current access control list with the ldapcp command
In case you are using z/OS 1.4 please use the ldapsearch command
documented in Security Server LDAP Server Administration and
Use, chapter 23, SC24-5923.
.
For example the ldapsearch command to use for z/OS 1.4 would be:
ldapsearch -p 1389 -h 127.0.0.1 -D "cn=<adminid>" -w <password>
-b "o=WASNaming,c=us" -s base "objectclass=*" aclEntry
aclPropagate aclSource entryOwner ownerPropagate ownerSource
.
where the <adminid> is the value of the entry owner access id
and <password> is the value of the userpassword value.
Local fix Problem summary
****************************************************************
* USERS AFFECTED: All users of WebSphere Application Server    *
*                 V4.0.1 for z/OS and OS/390                   *
****************************************************************
* PROBLEM DESCRIPTION: The WebSphere for z/OS: Installation    *
*                      and Customization publication should    *
*                      be updated to include correct           *
*                      distinction between the ldapcp and      *
*                      ldapsearch commands.                    *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
The WebSphere for z/OS: Installation and Customization
publication should be updated to include correct distinction
between the ldapcp and ldapsearch commands.
Problem conclusion
APAR PQ73174 requires changes to documentation.

A change to V4.0.1 WebSphere for z/OS: Messages and Diagnosis
GA22-7837-06 will be available in the next refresh of the
documentation. To access the latest online documentation, go to
the product library page at:

www.ibm.com/software/webservers/appserv/zos_os390/library/

The following change appears in the book on page 223:

3. Extract the current access control list.

- If you are running z/OS 1.3 or earlier, extract the current
access control list with the ldapcp command.
Example:
/u/myself-> ldapcp -p 1389 -h 127.0.0.1 -d "cn=CBAdmin" -w *****
GLD6019I Communicating with server on port 1389.
ldapcp> acl q ob "o=boss,c=us"
 object = o=boss,c=us
 aclSource = O=BOSS,C=US
 aclPropagate = TRUE

 acl = access-id:CBADMIN:object:ad:normal:rwsc

 acl = access-id:CBSYMCR1:object:ad:normal:rwsc

 acl = group:CN=ANYBODY:normal:rsc

 acl = access-id:CN=BOSSAdmin,O=BOSS,C=US:object:ad:normal:rwsc

ldapcp>quit

- If you are running z/OS 1.4, use the ldapsearch command.
Example:
ldapsearch -p 1389 -h 127.0.0.1 -D "cn=<adminid>" -w <password>
-b "o=WASNaming,c=us" -s base "objectclass=*" aclEntry
aclPropagate aclSource entryOwner ownerPropagate ownerSource
where <adminid> is the value of the entry owner access id and
<password> is the value of the userpassword value.
Note: See Chapter 23 of Security Server LDAP Server
Administration and Use, SC24-5923, for more information about
the ldapsearch command.
Temporary fix Comments
APAR information
APAR number PQ73174
Reported component name WASKBASE
Reported component ID 5655A9801
Reported release 401
Status CLOSED DOC
PE NoPE
HIPER NoHIPER
Submitted date 2003-04-14
Closed date 2003-07-22
Last modified date 2003-07-22

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Modules/Macros

Fix information

Applicable component levels


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server for z/OS
Operating system(s):
Software version: 401
Software edition:
Reference #: PQ73174
IBM Group: Software Group
Modified date: Jul 22, 2003