Giters

HCL-TECH-SOFTWARE / connections-automation

Deployment and upgrade automation scripts for HCL Connections 7.0 based on Ansible

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

No default value for WAS SSO domain name defined

marde16 opened this issue · comments

commented

There is no default value for variable __sso_domainname

connections-automation/roles/third_party/ibm/wasnd/was-dmgr-config-sso-update/templates/update_sso_config_in_global_security.py.j2

Line 9 in 97eb462

cmd=cmd+' -domainName {{ __sso_domainnames }}'

in vars defined.

connections-automation/roles/third_party/ibm/wasnd/was-dmgr-config-sso-update/vars/main.yml

Lines 1 to 19 in 97eb462

---
__was_install_location: "{{ was_install_location | default('/opt/IBM/WebSphere/AppServer') }}"
__profile_name: "{{ profile_name | default('Dmgr01') }}"
__was_cellname: "{{ was_cellname | default('ConnectionsCell') }}"
__app_profile_name: "{{ app_profile_name | default('AppSrv01') }}"
__default_nodename: "{{ inventory_hostname_short }}-node"
__nodeName: "{{ nodeName | default( __default_nodename ) }}"
__cluster_name: "App"
__serverName: "{{ __cluster_name }}-{{ inventory_hostname_short }}"
__dmgr_soap_port: "{{ dmgr_soap_port | default('8879')}}"
__was_username: "{{ was_username }}"
__was_password: "{{ was_password }}"
__now: "{{ lookup('pipe', 'date +%Y%m%d%H%M%S') }}"
__bin_dir: "{{ __was_install_location }}/profiles/{{ __profile_name }}/bin"
__tpl_file: "update_sso_config_in_global_security.py.j2"
__rsp_file: "{{ __bin_dir }}/update_sso_config_in_global_security.py"
__sso_config_enable: "{{ sso_config_enable | default(true) }}"

Without this value the 'Domain name' in the WAS SSO Settings is blank and "Users can only log into Profiles (KB0021626)"

commented

I found the root cause why the 'Domain name' in my environment is blank:

The ansible variable "ansible_domain" of the ansible host is empty.

connections-automation/roles/third_party/ibm/wasnd/was-dmgr-config-sso-update/tasks/create_sso_domainnames.yml

Lines 15 to 19 in 97eb462

- name: Single domain SSO
set_fact:
__sso_domainnames: ".{{ ansible_domain }}"
when:
- ansible_domain == __sso_external

It seems here should be the domain defined via a variable.

-- update --

After I read the documentation again I realized that I forgot to run the post-install playbook.

After the run the post install playbook set the Domain name, but as follows: .;.mydomain.com because the ansible variable "ansible_domain" of the ansible host is empty.

connections-automation/roles/third_party/ibm/wasnd/was-dmgr-config-sso-update/tasks/create_sso_domainnames.yml

Lines 6 to 10 in 97eb462

- name: Multiple domains SSO
set_fact:
__sso_domainnames: ".{{ ansible_domain }};.{{ __sso_external }}"
when:
- ansible_domain != __sso_external

It seems we need a differentiation between Single domain SSO with and without ansible_domain.