Table of Contents
Advertisement
Currently, WMM support the following major commercial LDAP servers:
IBM Tivoli Directory Server
Microsoft® Active Directory®
SunOne Directory Server
IBM Lotus Domino Application Server
Novell eDirectory
WMM implements the wmmLDAP as an abstraction layer, in which for each type of the
supported LDAP servers, WMM provides an adapter module to shield the implementation
details of the LDAP servers from application developers. This way, it is able to provide a
standard set of Member Repository APIs for applications, like WebSphere Portal, to manage
uses and groups.
Optionally, you can use a look-aside profile repository adapter to interact with a look-aside
repository using one of the available commercial databases with a schema defined by the
Member Manager. The look-aside repository is used to store member attributes that cannot
be stored in the member's main profile repository (such as the wmmLDAP). In Member
Manager, the look-aside repository is referred to as wmmLookAside and the adapter is
referred to as the wmmLookAside adapter. Although you can technically use wmmLookAside
in conjunction with wmmDB repository, it is likely unnecessary, since all functionalities
supported by the wmmLookAside is also supported by wmmDB.
Every member managed by Member Manager requires a unique identifier. A unique identifier
allows a member profile to be easily retrieved. Member Manager provides two types of unique
identifiers:
memberDN
display purposes. memberDN is unique and may be changed and reused. After a member
is deleted from Member Manager, a new member can be created and reuse the
memberDN of the deleted member. An example of a memberDN of a Person "Jane Doe" is
"uid=janedoe,ou=people,ou=sales,o=acme.com".
memberUniqueId
member is created, the value of that memberUniqueId will not be changed, even if the
member is deleted. A new member cannot reuse the value of the memberUniqueId of the
deleted member.
The memberDN therefore uniquely identifies a member at a single point in time while the
memberUniqueId, due to its characteristic of never being reused, uniquely identifies a
member over time. In the example above, the person "Jane Doe" may change a job and work
for a new organizational unit "marketing", so the new memberDN then becomes
"uid=janedoe,ou=people,ou=marketing,o=acme.com", but the memberUniqueId is still the
same.
The memberUniqueId in WMM can be mapped to a unique attribute in the LDAP server. The
examples of memberUniqueId might be ibm-entryUUID for IBM Tivoli Directory Server, or
objectGUID for Microsoft Active Directory.
Depending on your usage of member profile data, you may want to use the memberDN or
both the memberDN and the memberUniqueId.
Since memberDN values are readable, they are suitable for display purpose. The
memberUniqueId values are not guaranteed to be readable and therefore may be unsuitable
for display. Since a memberDN can be changed and reused, if your application receives a
memberDN from Member Manager, puts the memberDN in some form of storage, and
subsequently uses that memberDN with Member Manager, there is no guarantee that
memberDN will not refer to a different member than the one to which it previously referred.
88
IBM WebSphere Portal V6 Self Help Guide
is a distinguished name for a member, and is convenient for identification and
is unique, static, and never reused. That is, once memberUniqueId for a
Advertisement
Table of Contents
Troubleshooting
