| |
|
RSS Feed - WebSphere MQ Support
|
RSS Feed - Message Broker Support
|
  |
|
| Security hardening of IBM ACE admin web UI using LDAP |
« View previous topic :: View next topic » |
| Author |
Message
|
| Anupriya |
 Posted: Fri Jun 24, 2022 4:51 am Post subject: Security hardening of IBM ACE admin web UI using LDAP |
 |
|
Newbie
Joined: 22 Jun 2022
Posts: 2
|
Security hardening of IBM App Connect Enterprise admin UI using LDAP - Using node.conf.yaml.
As part of this task, Below steps are executed.
Created this group ACEWebUI_TEST in V-SED LDAP directory.
1.Below are the properties set up in the node.yaml file
RestAdminListener:
authorizationEnabled: true
basicAuth: true
authorizationMode: 'ldap'
port: 4401
ldapUrl: 'ldaps://**.**.**:636/ou=**,dc=**,dc=**'
ldapAuthorizeUrl: 'ldaps://**.**.**:636/ou=**,dc=**,dc=**?employeeType?sub?(uid={{username}})'
sslCertificate: '/GENERIC/SHRHA/SH1/ssl/**.jks'
sslPassword: 'brokerTruststore::sslpwd'
Security:
Node:
DataPermissions:
cn=**,ou=**,dc=**,dc=**:'read+:write-:execute-'
Permissions:
cn=**,ou=**,dc=**,dc=**:'read+:write-:execute-'
2. for SSL(ldaps) we set up truststore: '/GENERIC/SHRHA/SH1/ssl/**.jks'
3. To set the sslCertificate and sslPassword: Set the ssl mqsisetdbparms permissions
But ace web-UI connection test from the Web User Interface failing with this error code BIP2786W: An unexpected property 'Security/CN=ACEWebUI_TEST,OU=Global Groups,DC=**,DC=com' with value 'read+:write:execute-' was encountered when loading a YAML configuration
Please let us know how to resolve this issue ? |
|
| Back to top |
|
 |
|
|
|
| |
|
Page 1 of 1 |
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
|
|
