Manually populating the Profiles database 

Instead of using the Profiles population wizard, you can manually populate the database.


Before starting

Before starting this task, complete the steps in the Mapping fields manually topic.

(AIX only). An AIX limitation causes a file naming error when you extract the tdisol.tar archive. The system renames the profile-links.xsd to profile-links.xs. To resolve this issue, use the GNU Tar program, version 1.14 or higher, to extract the archive. Download the program from ftp://ftp.gnu.org/gnu/tar/ and install it as the default tar utility in the path. The default location for GNU Tar is /usr/local/bin.

The internal name of the Profiles database is PEOPLEDB.


About this task

After installing the Profiles database and defining mapping and validation...to populate the Profiles database:


Procedure

  1. Update the profiles_tdi.properties file to specify values for the following properties.

      Note: To locate this file, extract the tdisol.tar|zip file from the tdisol directory in your IBM Connections installation media. After extraction, the file is located in the <tdisol.tar|zip>/tdisol/TDI directory.

      The following list contains properties that review. Edit any property values that require editing for your configuration.

      source_ldap_url

        Universal resource locator of the LDAP directory. Enables programs to access the LDAP directory. Use the following syntax to specify the value:
        source_ldap_url=ldap://myldap.enterprise.example.com:389

      source_ldap_user_login

        If you cannot use Anonymous search, a user login name is required . Use the following syntax to specify the value:
        source_ldap_user_login=uid=wpsbind,cn=users,l=Bedford Falls, st=New York,c=US,ou=Enterprise,o=Sales Division,dc=example,dc=com

      source_ldap_user_password

        If you cannot use anonymous search, a user password is required (along with user login name). Use the following syntax to specify the value:
        {protect}-source_ldap_user_password=wpsbind

        Note: Tivoli Directory Integrator automatically encrypts any properties which have the {protect} prefix. If you do not want to encrypt these properties, remove the {protect} prefix.

      source_ldap_search_base

        A portion of the LDAP DN that must be part of all entries processed. This base usually contains the expected organization (o) value, such as source_ldap_search_base=o=ibm.com. Use the following syntax to specify the value:
        source_ldap_search_base=l=Bedford Falls,st=New York,c=US, ou=Enterprise,o=Sales Division,dc=example,dc=com

      source_ldap_search_filter

        A search filter to further refine the entries used. A typical value might be source_ldap_search_filter=cn=*. Use the following syntax to specify the value:
        source_ldap_search_filter=(&(uid=*)(objectclass=inetOrgPerson))

      source_ldap_use_ssl

        Required only if you are using SSL to authenticate. Specifies whether to use Secure Sockets Layer for the connection. Options are true or false.

      dbrepos_jdbc_driver

        JDBC driver used to access the Profiles database repository. The default value of the properties file references the DB2 database provided with Profiles as follows:
        dbrepos_jdbc_driver=com.ibm.db2.jcc.DB2Driver

        If you are using DB2, you do not need to modify this value. If you are using an Oracle database, change the value to reference an Oracle database. The following values are examples:
        dbrepos_jdbc_driver=oracle.jdbc.driver.OracleDriver 

        dbrepos_jdbc_driver=oracle.jdbc.pool.OracleConnectionPoolDataSource

        If you are using SQL Server, change the value to reference the SQL Server database. The following value is an example:
        com.microsoft.sqlserver.jdbc.SQLServerDriver

      dbrepos_jdbc_url

        Universal resource locator of the database that you created. This value specifies the peopledb database, and must include the port number. For example:

        • DB2: 

             jdbc:db2://localhost:50000/peopledb

        • Oracle: 

            jdbc:oracle:thin:@localhost:1521:PEOPLEDB

        • SQL Server: 

            jdbc:sqlserver://enterprise.example.com:1433;DatabaseName=PEOPLEDB

        .

      dbrepos_username

        The user name used to authenticate to the database that you created. Use the following syntax to specify the value:
        dbrepos_username=<db_admin_id>

      dbrepos_password

        The password used to authenticate to the database that you created. Use the following syntax to specify the value: 

        {protect}-dbrepos_password=act1vities

      You can provide values for additional properties if necessary.

  2. Optional: If you are setting the isManager field using a 1:1 mapping, ensure that you specified how to set the field in the map_dbrepos_from_source.properties file.

      For example, if your LDAP has an "ismanager" field that is set to a value of Y or N, your map_dbrepos_from_source.properties file might specify the following property: 

      PROF_IS_MANAGER=ismanager

      Notes:

      • If the source LDAP system uses a value other than Y or N to indicate whether the person is a manager, write a JavaScript™ function to map the value into a Y or N, and then provide a reference to that function here.

      • If you are setting the PROF_IS_MANAGER field based on PROF_MANAGER_UID references in other employee records, perform Step 5 instead of this step.

  3. Run the following script to create a file containing the distinguished names (DNs) to be processed from the source LDAP directory.

      Note: Before starting this step, ensure that you have completed the steps in the Mapping fields manually task.

      • AIX or Linux™: 

          ./collect_dns.sh

          Note: If the script does not run, you might need to enable its Executable attribute by running the chmod command first. The Executable attribute of a script can become disabled after the script is copied from a read-only medium such as DVD.

      • Microsoft™ Windows™: 

          collect_dns.bat

      The new file is named collect.dns by default but you can rename it if necessary. If you change the file name, update the source_ldap_collect_dns_file parameter in the profiles_tdi.properties file.

      After the script runs, it creates a log file called ibmdi.log in the <tdisol.tar|zip>/tdisol/TDI directory. Examine this file to find out whether any errors occurred during the process.

  4. Populate the database repository from the source LDAP directory by running the following script:

    • AIX or Linux: ./populate_from_dn_file.sh

    • Windows: populate_from_dn_file.bat

      Depending on how many records you are processing, this step could take many hours. For example, 5,000 records might take a few minutes, while half a million records could take over 12 hours. Tivoli Database Integrator prints a message to the screen after every 1,000 iterations to inform you of its progress.

      Notes:

      • If a failure occurs during processing, such as loss of the network connection to the LDAP directory server, start processing the names from where it was interrupted. Examine the PopulateDBFromDNFile.log file in the logs subdirectory to find out which distinguished name was last successfully processed. (The ibmdi.log file also tracks the tasks that you run.) Edit the collect.dns file to remove all entries up to and including the last successfully processed entry. Start the task again. You can repeat this step as many times as necessary until all the distinguished names are processed.

      • The script populates only those entries where the value for surname is not null.

  5. Optional: If you are setting the PROF_IS_MANAGER field based on PROF_MANAGER_UID references in other employee records, run the following script:

    • AIX or Linux: 

        ./mark_managers.sh

    • Windows: 

        mark_managers.bat

      The acceptable values for the PROF_IS_MANAGER field are Y or N. Y indicated that the person is a manager. Manager identification is not performed as part of the previous record population step because it must run across all the records and it is possible that the initial record population step does not complete in a single pass for large organizations.

  6. Run the following script file to populate the Country table from the isocc.csv file:

    • AIX or Linux: 

        ./fill_country.sh

    • Windows: 

        fill_country.bat

  7. Optional: Create any of the following tables that are relevant for your organization, and then populate the local database repository with that information:

      Department codes

        If your organization uses department codes, create a table that contains one line per entry. In each entry, include a department code, followed by a separator (such as a semicolon), and then a department description. Name the table deptinfo.csv and store it in the solution directory. After building the table, run the following script file:

        • AIX or Linux: 

            ./fill_department.sh

        • Windows: 

            fill_department.bat

      Employee type codes

        If your organization uses employee type codes, create a table that contains one line per entry. In each entry, include an employee type code, followed by a separator, such as a semicolon, and then an employee type description. Name the table emptype.csv and store it in the solution directory. After building the table, run the following script file:

        • AIX or Linux: 

            ./fill_emp_type.sh

        • Windows: 

            fill_emp_type.bat

      Organization codes

        If you use organization codes, create a table that contains one line per entry. In each entry, include an organization code, followed by a separator, such as a semicolon, and then an organization description. Name the table orginfo.csv and store it in the solution directory. After building the table, run the following script file:

        • AIX or Linux: 

             ./fill_organization.sh

        • Windows: 

            fill_organization.bat

      Work location codes

        If your organization uses work location codes, create a table that contains one line per entry. In each entry, include a work location code, followed by a separator, such as a semicolon, and then a location description. Name the table workloc.csv and store it in the solution directory. After building the table, run the following script file:

        • AIX or Linux: 

            ./fill_workloc.sh

        • Windows: 

            fill_workloc.bat

      Tivoli Directory Integrator properties
      IBM Connections maps LDAP properties with Tivoli Directory Integrator configuration parameters.

      Batch files for processing Profiles data
      IBM Connections provides several batch files that automate the collection and processing of LDAP data for the Profiles database.

      Populating a large user set
      Populate the Profiles database from an LDAP directory with a large user population.


Parent topic

Add LDAP data to the Profiles database

Related concepts
Administer Profiles


Related tasks


Use the Profiles population wizard
Use the Profiles population wizard in silent mode
Mapping fields manually
Populating the Profiles database

Related reference
Attribute mapping for Profiles
Population functions for populating ID into PROF_GUID
Profiles attributes


   

 

});

+

Search Tips   |   Advanced Search