TDI Solution Deep Dive - Social Connections 8

3.302 Aufrufe

Veröffentlicht am

Some information to work with IBM Connections, Tivoli Directory Integrator and User Synchronization

Veröffentlicht in: Technologie
  • Als Erste(r) kommentieren

TDI Solution Deep Dive - Social Connections 8

  1. 1. 6% Social Connections TDI Solution Deep Dive Christ stiittner Fritz In Ma 0 Gmbfl Germany 2 I - B05150“ U ‘ April 16—17,2015
  2. 2. 4. Citristoph St6'tti1er FRITZ 8: MACZIOL GmbH Germany 1 Working with ICS products since 15 years Specialized in IBM Connections and IBM Domino Infrastructure « Speaker at various events like ENGAGE, lCOi~! U:(, ConnectED Bavarian, Linux and Scripting Lover, Blogger to www. stoeps. de . " scripting101.org , A | BMCHAMPION, .. ’ SOCIAL CONNECTIONS 8 April 16-17, 2015 Boston .9 {Social Connections Christoph Stoettner — @stoeps
  3. 3. Configure a new TDI Solution Folder I Expand $CONNECTIONS_RO0T/ tdisolltdisol. tar| zip I with 5.0 no special update packages on fix central I Updates are directly copied to $CONNECTlONS_RO0TItdisol I TDI can be installed to any machine in your deployment I Often copied to DB2 host I Check TDIPATH in tdienv. sh I export TDIPATH= IoptllBMlTDIlV7.1.1 §§ Social Connections Christoph Sloettner - @stoeps OCIAL CONNECTIONS 8 April 16-17, 2015 Boston In
  4. 4. profiles_tdi. properties I Main configuration with I LDAP Connection parameter 0 Host 0 Bind User 0 LDAP Search & Base I Database parameter 0 JDBC Connection string 0 User Credentials I Dry run: I sync_updates_show_summary_onIy= true Christoph Stoettner-@stoeps 3 SOCIAL CONNECTIONS 8 April 16-17, 2015 Boston
  5. 5. profiles_tdi. properties (2) I More interesting properties I sync_updates_hash_field I sync_store_source_urI= true I sync_source_url_enforce= false I sync_source_url_override= faIse I perform_deIetion_or_inactivate_for_sync= true I sync_delete_or_inactivate= inactivate I Debugging I debug_managers| photos| pronounce| fill_codes I debug_draft| update_profile| collect| special Christoph Stoettner-@stoeps SOCIAL CONNECTIONS 8 April 16-17, 2015 Boston
  6. 6. sync_updates_hash_field setting in profiles_tdi. properties I Possible values I uid (default) I email I guid Matching accounts from LDAP and profilesDB are calculated with this value! I Possible Problems I User renaming I Reuse of mail address or shortname (uid) fifiocial Connections Christoph Stoettner - @stoeps '1 SOCIALCONNECTIONSS April 16-17, 2015 Boston
  7. 7. sync_updates_hash_field= uid I User is renamed I IBM Domino: UID/ shortname is multivalue I Microsoft Active Directory: 1. User deactivated, 2. new profile I User retires I Inactivated or deleted user within Profiles I User hires again I User is reactivated I other User with same UID hires I will get all data from old user account I Splitting of this content is not possible §§ Social Connections Christoph Sloettner - @stoeps OCIAL CONNECTIONS 8 April 16-17, 2015 Boston In
  8. 8. sync_updates_hash_field= email I User is renamed 1. User gets inactivated 2. New profile will be created I User retires I Inactivated or deleted user within Profiles I User hires again I User is reactivated I other User with same mail address hires I Will get all data from old user account (picture, tags, community membership) §§ Social Connections Christoph Sloettner - @stoeps SOCIAL CONNECTIONS 8 April 16-17, 2015 Boston
  9. 9. ~ 1 Social Connections User is renamed c All data synchronize with LDAP User retires :1 Inactivated or deleted user within Profiles r Within Domino the person document is deleted User hires again :1 Newly registered user has new guid * New profile : ‘ Duplicate login data -> no new profile You can use populate_from_dn_file. batlcollect. dns to sync this, because this always uses the UID for hashing Christoph Stoettner - @stocps SCCI . L CO. .'. -.'ECTIO April 16-17, 2015 Boston
  10. 10. 1 Javascript functions used within map_dbrepos_from_source. properties r Add function name with curley brackets F e. g. uid= {func_map_to_db_UID} v You can add your own: v. i'OIIOl'I[0IO1 v_i| IIl0l'0fIO)I-_ , =t= I-m-IL! I, ¥.I= I.II‘m= uut= ll my , I=o. ,-I-,1I'o_-v"' - . .I= IiIIJ. dI‘- . _-l; I-: II. I,| ’-. - v Removes value within peopleDB ,0 CJGS Christoph Stoettner-@stoeps SOCIAL CONNECTIONS 8 April 16-17, 2015 Boston
  11. 11. map_dbrepos_from_source. prope rties I Mapping of LDAP attribute to peopleDB fields I value= null I peopleDB field is not set I value= attributename (e. g. email= mail) I Be careful to not override editable fields of profiles I description= null I experience= null I value= {functionname} I Value is calculated through Javascript ll) - - I - 5.‘: Social Connections Christoph stzettner-@stoeps OCIAL CONNECTIONS 8 April 16-17, 2015 Boston
  12. 12. Batch-, Shellscripts Linux| AIX - ensure that following files are executable: I *. sh I netstore Christoph Stoettner - @stoeps 1 1 52 Social Connections OCIAL CONNECTIONS 8 April 16-17, 2015 Boston U‘) ! II
  13. 13. Running scripts within TDIsol generate a lock-file v when a script is interrupted the lock-file is still present r Blocks next run of the script (e. g. sync_all_dns. sh) r You can use clearLock. sh to remove the lock Christoph Stoettner - @stoeps 1 2 , O Oclfi Social Connections SOCIAL CONNECTIONS 8 April 16-17, 2015 Boston
  14. 14. collect_dns. sh I Creates collect. dns I Contains $DN of all users which are found through o LDAP Search Filter 0 LDAP Base 0 Bind User] Password I Good starting point for troubleshooting I Run collect_dns. sh I Check if missed people are included in collect. dns Christoph Sloettner-@stoeps 1:3. SOCIAL CONNECTIONS 8 April 16-17, 2015 Boston
  15. 15. v Reads from collect. dns « Adds and updates persons in peopleDB « Does not deactivate or delete users v Always hashes on UID r Troubleshooting r Enable Debugging in Add only one or some users to collect. dns and check yourlogs Christoph Stoettner - @stoeps 1.: ,0 Oclfi Social Connections SOCIAL CONNECTIONS 8 April 16-17, 2015 Boston
  16. 16. «* copy samplesldelete_or_inactivate_employees. in to TDISOL Format of delete_or_inactivate_employees. in = JI‘. Io-i-m= Ii'oI_-I1-i= IIIn. Il‘w =1‘-tIi= I‘-I"-m= I_-I »In. r=--Is~«= I_I-rs «I-= -;I"IIII= I.-I»~ I. I2II1M. :I"III= .I: Is~ «I Deletes or inactivates the user «I Last idea during troubleshooting « After this sync_all_d ns mostly synchronizes the user ,0 (FE Christoph Stoettner-@stoeps 15 SOCIAL CONNECTIONS 8 April 16-17, 2015 Boston
  17. 17. «I Create new users « Update users « Delete or inactivate users «* You should schedule a job to run this regularly! « Check employee. adds, employee. error, employee. updates, employee. deletes, employee. skip after run « synchronize users based on sync_updates_hash_field Christoph Stoettner - @stoeps 1:1 ,0 OCQE Social Connections SOCIAL CONNECTIONS 8 April 16-17, 2015 Boston
  18. 18. Dump photos and pronounce to file I You can export through dump_photos| pronounce_to_files. sh I save a file with value of uid and matching photo| pronounce I But you can use it too, if you already have photos of your users I Copy them to a folder I Rename them to uid. jpg I Create the matching script (use dump_*. sh) I Load the photos with load_photos_from_files. sh Christoph Sloettner-@stoeps 17 CIAL CONNECTIONS 8 April 16-17, 2015 Boston §_ 8 I - IIIII
  19. 19. fill_*. sh I some values within map_dbrepos_from_source. properties need extra data I stored in additional tables within peopleDB I You can add this content with the fill_*. sh scripts I You have to copy samples/ *_sample. csv to TDISOL A Christoph Sloettner-@stoeps 15 OCIAL CONNECTIONS 8 April 16-17, 2015 Boston U‘! iillil
  20. 20. Country I isocc. csv is source file for fill_cou ntry. sh I isocc. csv only contains small country isocodes I e. g. us; United States or de; Germany I so if you do not sync small written lsocodes to Prof_CountryCode -> no Country is displayed I Create a script within profiles_functions. js to get only small char I Extend isocc. csv with more values which are stored in your LDAP Country field 2 $3 Social Connections Christoph s. .:. ... ... @.. ... . | OCIAL CONNECTIONS 8 April 16-17, 2015 Boston U) ! II
  21. 21. I «I Like country following fields use additional tables: r deptinfo r orginfo F workloc «i so e. g. the value of workloc is not displayed, if empinst. workloc is empty mp--' l, l=I¢liluII, hILe| _', 'J= .I, II5 . II. -I. u= :- I'i'ta~, ~IhiouiuM: u;I. ~mIIittus1=iI-I. rII| l.I= |=I= ! Ii'AI40Ju Il'u-— 'i‘P= |', -III {¢_IuI'-r: l,l. .|I= I- III? !ni‘Iain-uvItat= I-9=f: tIIilII-t: IIIhv. ~vaII_-elm . IIIHHOI §i9)IC4l<l3l| !l; - alzgv, §Lfi'l! Dl0tOl, d0IIf‘. my-Or-. ui, !..1.é_ilII_cuoI2I: .u-=7,-Tl 13' : ¢t‘I-uii. -m_IIfI-r= ,nm, - tton-1:13.: -09:. »-rnfnutsl ttowna: (=Iou. ,nI= w;lat; .a: |:l.10I_ I) (Dig I ai TI I 0 T1 S Christoph Stoettner - @stoeps SOCIAL CONNECTIONS 8 April 16-17, 2015 Boston
  22. 22. Example Profile 1. Profiles My Profile My Network Directory Christoph Stoettner Senior Consultant IBM Champion Fritz &I.1aczio| GmbH IBM Collaboration Solutions Elsenheirrierstr 65 30637 Munchen Germany #49 (0) 89 4567853 CMISIODI7 Stcatlrwi@: tuaps Ioral Edit My Profie I only Twitterld and Colors are customized §§Social Connections Christoph Stoettner — @stoeps '— SOCIAL CONNECT| ONS8 April 16-17, 2015 Boston
  23. 23. Debugging I Enable debugging parameters within profiles_tdi. properties I e. g. debug_managers= true I Activate global debug in etcllog4j. properties I Change log4j. rootCategory= INFO, Default I log4j. rootCategory= DEBUG, Default Christoph Sloettner - @stoeps §§Socia| Connections SOCIAL CONNECTIONS 8 April 16-17, 2015 Boston
  24. 24. Irustsphere ¢f I s : -:;3nox FC3 alu 'HMETOACTGROUP VV cla . .|l SOFTWARE 8. CONSULTING r‘ I-g ‘J - I7 Fae .33. 1 . .. III n 5 .7 engage TRILOG GROUP -‘f‘= I V 7 “‘ y Hi hos , . . _ , p . .1rs E; I . Jnwnu 12" ark . _ ; Huckleann N%%w@mwm OJ okta Pd’: utttvws

×