How to set up a new ADAM

Well that first question didn't get any responses (I'm really in a bind - no pun intended), so I'll try this.  How do organizations have adam set up for high availability?  When Lawson installed our LSF 9.0 system, they put adam on one web server.  Now that system is down and I don't know how to get adam to respond to an instance on another machine.  Do I need to reinstall the LSF and put the new web server name in the install.cfg file? 

 You should really know what you're doing and why you are doing all of these things, before you start to 'fix' what you're trying to do. 

1) Do you have LDAP bind in place and is it active? You will need to unbind before you repoint Lawson to use the new *Lawson* ADAM instance.

2) Is your new copy of ADAM a mirror copy of the current ADAM instance? I sure hope from your standpoint it is.

3) You can 'repoint' Lawson to look at the new ADAM instance, using the ssoconfig tool. (There are menu options to do that, and I'm not going to tell you which ones to use. :*)

Note: this is NOT a step-by-step recipe for using a new ADAM instance. This is only a high-level list of things to look at.

That should be a start in your quest to do what you want to do. You can contact me offline to discuss in further detail if you want.

-Roger

 

Hello,

If you have been able to restore the ldap successful and can browse to it via ldap browser on another server. Without a successful ldap restore to another server, these steps will not work. You mentioned that you have another server that is a replicating ADAM instance so sounds like you are already there.

2 schools of thought:
1st:
Protect yourself from this in the future. Put a Load Balancer between your Lawson LDAP and Lawson. Have the network team have the LB with the address of your ldap. Start Lawson. No changes required - more or less.

2nd:
Changing Lawson to an ldap that already exists.
1st. Ensure that all existing lawson services are down. If you see any - kill them or ensure a stop by rebooting the server (assuming Windows). However, before the reboot, make sure that the start scripts (if any) will not be started upon reboot and/or services are manually started vs automatic.
2nd. Backup the following file %LAWDIR%/system/authen.dat. I.e. cp authen.dat authen.dat.. This is an xml file that should NEVER be modified manually but is where your ldap settings are stored and used by Lawson upon startup. You can "view" this file to see it's current settings.
3rd. Run ssoconfig -c, this can be run when the Lawson system is down. Select option "Change Lawson authentication data store settings". Run through the steps to change your setup of the ldap. The only settings you should change should be related to the "Provider URL for the default RM LDAP server". Hopefully all other settings are unchanged as you have a replicated instance.

Good Luck,
Bart

Thanks for the info. Sorry this was such an idiot question, Lawson is the only system at our shop that uses adam so I have no resources to fall back on. I will work on getting a load balancer set up (had one at one time but was removed after Lawson wouldn't help with a system issue until it we did). The system that I'm trying to restore is a test system that I use to play 'what if" on - what if I install this patch, what if I lose a web server, .... Let's me learn a lot of things.

Once again I appreciate the help, that was the piece of the puzzle that I was missing. I knew it was something "simple" but I didn't know where it was.... It's all working fine now.

One more question, this worked great on a system that i have not done a ldapbind on. If the system is "bound", does the procedure change?

I would unbind from your AD and then rebind to the same AD after your Lawson new ldap instance has been installed.

 

As long as where you are bound to has not changed you should be ok. If you need to fix your bind you can re-run the ldapbind vs having to unbind and rebind. Just make sure to NEVER delete the backup file that is created by running the ldapbind command.

You do not need to undo ldapbind. You can use ssoconfig use option (3) Change Lawson authentication data store settings to point your LSF environment to a new ADAM instance. You will need to restart Lawson after that.