Direct links to fixes
bpm.8560.cf1.delta.repository.1
bpm.8560.cf1.delta.repository.2
Version 7.5.1 Fix Pack 2 for the IBM Business Process Manager products
Download Version 8.0.1 Fix Pack 3 for the IBM Business Process Manager products
Version 8.5.0 Fix Pack 2 for the IBM Business Process Manager products
Version 8.5 Refresh Pack 7 for the IBM Business Process Manager products
APAR status
Closed as program error.
Error description
Group membership for users is currently refreshed upon logging in to the Process Portal. In certain scenarios, it is necessary to update group membership triggered by a script or administrative task to avoid time consuming refresh operations upon login. This interim fix provides such scripts and administrative tasks.
Local fix
n/a
Problem summary
Provide scripts and administrative tasks to manually trigger group membership refresh PROBLEM DETAILED DESCRIPTION: During login into the portal, group membership that is stored in the WebSphere Application Server's User Registry is updated for the user that logs. If a change is detected, this change is reflected in the database and relevant participant groups. Task specific or participant group specific expressions, so called dynamic groups, might also be affected by this change in the group membership. Therefore, all dynamic groups are updated to reflect the correct membership and authorization. In certain scenario or if there are many dynamic groups in the system, the login into the portal might take very long. To get around this performance issue, there are two administrative actions to execute: I. Disable refresh of dynamic groups during login. 1. Locate the configuration file 100Custom.xml in your server / cluster environment and add this configuration option: <server merge="mergeChildren"> <update-dynamic-groups-on-login>false </update-dynamic-groups-on-login> </server> 2. Synchronize all nodes so the updated configuration is applied to all servers. 3. Restart the server / cluster members to allow them to pick up the updated configuration. 4. You can verify the correct configuration by inspecting the file TeamWorksConfiguration.running.xml in your profile's config directory. II. Execute the administrative script groupMembershipFullUpdate that is provided by this interim fix to update group membership and dynamic groups by an administrator. This interim fix provides four new administrative scripts and AdminTasks for usage by wsadmin which were originally introduced in version 8.5: groupMembershipFullUpdate [options] Updates the User Registry group membership of all users that are known to BPM. At the end of the group membership update, dynamic groups are updated once if at least one group membership update was detected. groupMembershipUpdate [options] <userID1> <userID2> ... <userIDn> Updates the User Registry group membership of the users passed with this command. If an user ID is passed that is unknown to BPM, this users is created within BPM. At the end of the group membership update, dynamic groups are updated once if at least one group membership update was detected. usersFullSync [options] Synchronizes all users available from the User Registry. No group membership is updated. This admin task is equivalent to the "Full Synchronize" command in the Process Admin Console. usersSync [options] <userID1> <userID2> ... <userIDn> Synchronizes the passed users from LDAP. No group membership is updated. This admin task is equivalent to the "Synchronize" command in the Process Admin Console. Options: -username <username> -password <password> -host <server host name> -port <server SOAP port number> Usage sample on a node running a windows version of Business Process Manager: 1. switch to <profile>\bin and execute setupCmdLine.bat 2 stay in directory <profile>\bin and execute <install>\BPM\Lombardi\tools\security\ groupMembershipFullUpdate.bat For other scripts and other platforms, execute similar steps
Problem conclusion
The administrative scripts and tasks allow you to synchronize users and group membership when necessary. FIX AVAILABILITY: iFix for 7.5.1.0 is available on Fix Central, search for APAR JR48507 at http://www.ibm.com/support/fixcentral/ iFix for 8.0.1.1 is available on Fix Central, search for APAR JR48507 at http://www.ibm.com/support/fixcentral/ iFix for 8.0.1.2 is available on Fix Central, search for APAR JR48507 at http://www.ibm.com/support/fixcentral/ Fix is also targetted for inclusion in next fixpack for BPM V7.5.1, BPM 8.0.1 When obtaining any of the above fixes, be sure to download the accompanying readme, for itself, and any prerequisite fixes, and review them thorougly.
Temporary fix
Comments
APAR Information
APAR number
JR48507
Reported component name
BPM STANDARD
Reported component ID
5725C9500
Reported release
751
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2013-11-15
Closed date
2014-01-23
Last modified date
2014-01-23
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
BPM STANDARD
Fixed component ID
5725C9500
Applicable component levels
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSFTDH","label":"IBM Business Process Manager Standard"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"7.5.1","Line of Business":{"code":"LOB45","label":"Automation"}}]
Document Information
Modified date:
31 August 2023