Transforming and Migrating Internal and LDAP Configuration Data
Beginning with version 9.7, CentraSite does not support the SSX-based login module. If you are upgrading to 9.7 from an earlier version of CentraSite, you must transform and migrate the Internal and LDAP configurations from the old Registry Repository to the new CentraSite JAAS configuration.
To resolve this problem, a mechanism is available to migrate the Internal and LDAP login configuration in CentraSite.
You can transform and migrate the Internal and LDAP configurations to the new JAAS configuration by executing the generate JaasConfiguration command in the command line interface CentraSiteCommand.cmd (Windows) or CentraSiteCommand.sh (UNIX) of CentraSite. The tool is located in the directory <CentraSiteInstallDir>/utilities.
If you start this command line tool with no parameters, you receive a help text summarizing the required input parameters.
The parameters of the command are case-sensitive, so for example the parameter -url must be specified as shown and not as -URL.
The syntax of the command is as follows:
C:\SoftwareAG\CentraSite\utilities>CentraSiteCommand.cmd generate JaasConfiguration [-url <CENTRASITE-URL>] -user <USER-ID> -password <PASSWORD>
The input parameters are:
Parameter | Description |
-url | (Optional.) The URL of the CentraSite registry. Default value is http://localhost:53307. |
-user | The user ID of a registered CentraSite user. For example, a user who has the CentraSite Administrator role. |
-password | The password for the registered CentraSite user identified by the parameter -user. |
Example:
C:\SoftwareAG\CentraSite\utilities>CentraSiteCommand.cmd generate JaasConfiguration -url http://localhost:53307/CentraSite/CentraSite -user Administrator -password manage
The response to this command could be:
Executing the command : generate JaasConfiguration
Successfully executed the command : generate JaasConfiguration
The script generates the InternalLoginModule and LDAPLoginModule entries that correspond to the old Internal and LDAP configurations and saves the entries in the jaas.config file in the folder Software AG_directory/profiles/CTP/configuration. For each configured LDAP domain, the script creates user and group files that map internal (CentraSite) properties to external (LDAP) properties and saves the files in the Software AG_directory/profiles/CTP/configuration/com.softwareag.platform.config.propsloader directory.
The sample Jaas configuration file is as follows.
CentraSite {
com.softwareag.security.jaas.login.internal.InternalLoginModule sufficient
domain="INTERNAL"
alias="INTERNAL"
applyDomain="true"
create_group_principal="false"
internalRepository="C:/SoftwareAG/common/conf/users.txt";
com.softwareag.security.sin.is.ldap.lm.LDAPLoginModule required
domain="EUR"
url="ldap://ldap-server:389"
createGroupProperties="true"
creategroups="true"
dnprefix="cn="
noPrinIsAnonymous="false"
usecaching="false"
alias="EUR"
personobjclass="inetOrgPerson"
useaf="true"
grouprootdn="DC=EUR,DC=example,DC=com"
userrootdn="DC=EUR,DC=example,DC=com"
memberinfoingroups="false"
dnsuffix=",ou=user,OU=Germany,DC=EUR,DC=example,DC=com"
applyDomain="true"
createUserProperties="true"
groupobjclass="group"
uidprop="sAMAccountName";
};
Note: | The generate JaasConfiguration utility transforms only domains of type Internal and LDAP. If you have advanced JAAS configurations such as single-sign-on configurations, you must migrate them manually. |
Contact Support
|
Community
|
Feedback