Title: Adam
Description: MS ADAM is RM correct?


trueblueg8tor - December 20, 2007 02:46 PM (GMT)
Am I correct in stating that ADAM and RM are the same thing? Or another way of stating it - ADAM is RM's "brand" of ldap?


Also is the security related 9.0 info also stored in ADAM?



Milo - December 20, 2007 11:04 PM (GMT)
We use MS-ADAM for our LSF9 Lawson Security LDAP store.

RM information is stored in one portion of the tree.

Each portion of the Identity information is stored in another part of the tree.

Here is some info (from another post) about how the info is stored:
----------------------------------------------------------------------------
How ADAM is set up - a little bit of explanation.

This is what our ADAM looks like. We are running UNIX servers (Solaris 10) with MS-ADAM running on a Windows XP Professional box (actually, a virtual PC running on a blade in VMware).

There are 3 parts of LSA security for a user:
. Edit RM Information [RM = Resources Manager]
. Manage Identities
. Edit Lawson Environment Information

1. Edit RM Information [RM = Resources Manager]
In LDAP:
. ADAM instance
. . cn=lwsn,dc-<your-adam-instance>
. . . O=lwsnrmdata
. . . . OU=resources <<------

This branch is the Users. One user - one RMID - per entry. Lawson considers Users to be Resources. Each entry is self-explanatory -- fill in as needed, compare to the LDAP entry. There is one catch: Since Ldif entries only appear for filled-in items, all items have one additional setting that is not shown! That setting is the "missing" or "not filled in" setting. In some cases this setting is significant. When I set up reporting on LDAP, using a VBA script, I had to specifically search for all possible settings, all possible groups, all possible roles, and report on items whether they were there or not.

Suggestion on managing this via Ldif: Be aware of the significance of "missing" entries.

2. Manage Identities
In LDAP:
. ADAM instance
. . cn=lwsn,dc-<your-adam-instance>
. . . O=lwsnSecData
. . . . OU-svcxref
. . . . . CN=<your-instance> <<--- UNIX login info
. . . . . CN=SSOP <<--- SSOP info - Active Directory

This is set up freakin' backwards! Each entry is not for the RMID, it's for the UNIX login or SSOP. So if you have more than 1 user who is using the same UNIX login or SSOP, there is only 1 entry for that UNIX login or SSOP, with multiple RMIDs listed under it. For my reporting, I had to de-normalize this data by making separate entries for each and every RMID. That's the only way to link a UNIX login or an SSOP to the RMID, using a spreadsheet VLOOKUP.

(Note: It is possible to get this screwed up by having multiple UNIX logins or SSOPs pointing to the same RMID ... and that is not right, but due to the backwards nature of this kludge, it can & does occur.)

3. Edit Lawson Environment Information

[This is supposed to come entirely from LAUA. This should be relatively straight-forward. I haven't done anything with reporting here, so I have no suggestions.]
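
Added example, not part of the post above and not Lawson's or Microsoft's code: a sketch of the de-normalization described under "Manage Identities", run over an LDIF export of the svcxref branch, which also keeps the "not filled in" case from part 1 as an explicit row. The `rmid` attribute name, the DNs and every value in the sample are constructed assumptions; substitute the attribute your export actually uses.

```python
from collections import defaultdict

# Constructed sample export of the svcxref branch. The "rmid" attribute name,
# the DNs and all values are assumptions, not Lawson's real schema.
SAMPLE_LDIF = """\
dn: CN=lawson,CN=PROD,OU=svcxref,O=lwsnSecData
rmid: jsmith
rmid: mjones

dn: CN=jsmith,CN=PROD,OU=svcxref,O=lwsnSecData
rmid: jsmith

dn: CN=jsmith_ad,CN=SSOP,OU=svcxref,O=lwsnSecData
rmid: jsmith

dn: CN=adoe_ad,CN=SSOP,OU=svcxref,O=lwsnSecData
"""

def parse_entries(ldif, attr="rmid"):
    """Return [(dn, [attr values])]; plain 'key: value' lines only (no base64)."""
    entries = []
    for block in ldif.strip().split("\n\n"):
        pairs = [line.partition(": ")[::2] for line in block.splitlines()]
        dn = next((v for k, v in pairs if k.lower() == "dn"), None)
        if dn:
            entries.append((dn, [v for k, v in pairs if k.lower() == attr]))
    return entries

def denormalize(entries):
    """One row per (service, login, rmid); rmid is None when not filled in.
    Naive RDN split: assumes the DN contains no escaped commas."""
    rows = []
    for dn, rmids in entries:
        login, service = [r.split("=", 1)[1] for r in dn.split(",")[:2]]
        rows += [(service, login, r) for r in (rmids or [None])]
    return rows

def audit(rows):
    """Flag shared logins, RMIDs reachable from several logins, empty entries."""
    by_login, by_rmid = defaultdict(set), defaultdict(set)
    for service, login, rmid in rows:
        if rmid is not None:
            by_login[(service, login)].add(rmid)
            by_rmid[(service, rmid)].add(login)
    multi = lambda d: {k: sorted(v) for k, v in d.items() if len(v) > 1}
    return {"shared_logins": multi(by_login), "multi_login_rmids": multi(by_rmid),
            "unmapped": [(s, l) for s, l, r in rows if r is None]}

if __name__ == "__main__":
    print(audit(denormalize(parse_entries(SAMPLE_LDIF))))
```

In the sample, `shared_logins` surfaces one UNIX login used by two RMIDs, and `multi_login_rmids` surfaces the reverse condition the note above calls "not right".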


shane pennington - December 20, 2007 11:55 PM (GMT)
ADAM is not "RM's 'brand' of ldap." It is Microsoft's brand of ldap. You can also run RM using TDS (Tivoli Directory Service), another brand of ldap.

It is true to say that ADAM and TDS are the only supported brands of ldap for LSF.

trueblueg8tor - December 21, 2007 01:47 PM (GMT)
Thanks!


