IBM Support

IZ80418: LDAP USER FILTER WITH '|' IS TRUNCATED


APAR status

  • Closed as program error.

Error description

  • Approver Initials:    TR
    
    PROBLEM DESCRIPTION:
    
    LDAP search filters can be complex strings that contain logical
    AND (&), OR (|), and even NOT (!) values. If an OR character is
    used in the filter when configuring the TEMS, the resulting
    value is truncated.
    
    RECREATE INSTRUCTIONS:
    
    
    1. Install the TEMS.
    
    2. Configure the TEMS. Specify the following:
    
    .     Security: Validate User ? [1=YES, 2=NO]: 1
    .     LDAP Security: Validate User with LDAP ? [1=YES, 2=NO]: 1
    .     Enter required LDAP user filter ?: (blah)(|blah)
    
    .  For the rest of the LDAP questions, either use the default or
    .  provide dummy responses.
    
    3. Display the value of LDAP_USER_FILTER from kmsenv:
    
    .     grep -r "LDAP_USER_FILTER" CANDLEHOME/config
    
    .  The response will look something like this:
    
    .    ./config/.ConfigData/kmsenv:TEMS|LDAP_USER_FILTER|(blah)(|
    .    ./config/.ms.rc:
    .    LDAP_USER_FILTER|KCIMS0050|$LDAP_USER_FILTER| -a 0
    .    ./config/.ms.rc:             LDAP_USER_FILTER|null
    .    ./config/.ms.rc:     LDAP_USER_FILTER|null
    .    ./config/ms.ini:KGL_LDAP_USER_FILTER=$LDAP_USER_FILTER$
    .    ./config/l337_ms_TEMS.config:KGL_LDAP_USER_FILTER='(blah)('
    

Local fix

  • After configuring the TEMS, manually change KGL_LDAP_USER_FILTER
    in the TEMS configuration file so that it has the complete filter
    value.
    

Problem summary

  • LDAP search filters can be complex strings that contain logical
    AND (&), OR (|), and even NOT (!) values. If an OR character is
    used in the filter when configuring the TEMS, the resulting
    value is truncated.
    

Problem conclusion

  • The character "|" is used in configuration files as a separator
    between data fields. If the delimiter character appears in the
    data stream, it must be escaped to another special keyword, such
    as %7C, so that the data stream is not truncated when it is
    loaded.
    
    
    
    The fix for this APAR is contained in the following maintenance
    packages:
    
       | fix pack | 6.2.1-TIV-ITM-FP0004
       | fix pack | 6.2.2-TIV-ITM-FP0004
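
The truncation and the escaping approach described above, as an added Python illustration that is not IBM's code. The record layout follows the kmsenv line in the recreate output; the function names, the %25 escape for a literal percent sign, and the parenthesis check for spotting a truncated filter are assumptions.

```python
# Added illustration, not IBM's code. The "PRODUCT|KEY|VALUE" layout follows the
# kmsenv line shown in the recreate output; everything else is an assumption.

def naive_load(record):
    """Split on every '|' and keep three fields, as an unescaped loader would."""
    product, key, value = record.split("|")[:3]
    return key, value

def escape_value(value):
    # Escape '%' first (assumed %25) so a literal "%7C" in the data round-trips.
    return value.replace("%", "%25").replace("|", "%7C")

def unescape_value(value):
    return value.replace("%7C", "|").replace("%25", "%")

def store(product, key, value):
    """Write one record with the delimiter escaped inside the value."""
    return "|".join((product, key, escape_value(value)))

def load(record):
    """Read one record; exactly three fields are expected once '|' is escaped."""
    product, key, value = record.split("|")
    return key, unescape_value(value)

def parens_balanced(ldap_filter):
    """Cheap truncation check: RFC 4515 filters escape literal parentheses as
    \\28 and \\29, so every raw '(' must be closed by a raw ')'."""
    depth = 0
    for ch in ldap_filter:
        if ch == "(":
            depth += 1
        elif ch == ")":
            depth -= 1
            if depth < 0:
                return False
    return depth == 0

if __name__ == "__main__":
    user_filter = "(blah)(|blah)"          # filter from the recreate steps
    raw = "TEMS|LDAP_USER_FILTER|" + user_filter
    print(naive_load(raw))                 # value is cut at the first '|'
    print(parens_balanced(naive_load(raw)[1]))
    rec = store("TEMS", "LDAP_USER_FILTER", user_filter)
    print(rec, load(rec))
```

Running the parenthesis check against the KGL_LDAP_USER_FILTER value after configuration flags the truncated `(blah)(` form before the management server uses it.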
    

Temporary fix

  • After configuring the management server, manually change
    KGL_LDAP_USER_FILTER in the management server configuration file
    so that it has the complete filter value.
    

Comments

APAR Information

  • APAR number

    IZ80418

  • Reported component name

    OMEG DIST INSTA

  • Reported component ID

    5608A41CI

  • Reported release

    622

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2010-07-16

  • Closed date

    2010-09-14

  • Last modified date

    2011-03-13

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    OMEG DIST INSTA

  • Fixed component ID

    5608A41CI

Applicable component levels

  • R621 PSY

       UP


Document Information

Modified date:
30 December 2022