correctDocumentStoreInstanceAuthorization command

If you switch to an external ECM server, your IBM BPM and external ECM environments have a shared user registry configured. IBM BPM will print warnings into the SystemOut.log file of the application cluster when it cannot authorize users on content artifacts because the users or groups are not available in the shared user registry. There can be several reasons for users or groups not being shared:

• The users or groups are defined in a file-based repository. In this case, no correction can be made.
• The users or groups are defined in a Lightweight Directory Access Protocol (LDAP) user repository, but the LDAP repository is not consistently connected to the two systems. For example, the base entry is not the same or different LDAP search filters are used.

You can correct the LDAP connection settings to enable users and groups to be shared. After correcting the connection settings, you can run the correctDocumentStoreInstanceAuthorization command to update the case and BPD instances or the team instances with the correct authorization information for the users and groups.

Prerequisites

The correctDocumentStoreInstanceAuthorization command is run using the AdminTask object of the wsadmin scripting client. The following conditions must be met:

• The command must be run on the deployment manager node.
• One or more application cluster members must be running.
• Run the command in connected mode. Do not specify the wsadmin -conntype none option.
• You must connect to the deployment manager with a user ID that has WebSphere Application Server operator privileges.

Location

Start the wsadmin scripting client from the profile_root/bin directory of the deployment manager profile (or the stand-alone server profile of IBM BPM Express). The correctDocumentStoreInstanceAuthorization command does not write to a log file, it directly responds with a message. However, the wsadmin scripting client always writes a profile_root/logs/wsadmin.traceout log file where you will find exception stack traces and other information.

Syntax

correctDocumentStoreInstanceAuthorization
-serverName server_name
-nodeName node_name
-clusterName cluster_name
-deName deployment_environment_name
-instanceID instance_ID
-teamID team_ID

Parameters

-serverName server_name

A required parameter that specifies the name of the WebSphere Application Server server that is hosting IBM BPM Express. If you specify the -serverName parameter, you must also specify the -nodeName parameter.

-nodeName node_name

A required parameter that specifies the name of the WebSphere Application Server node that is hosting IBM BPM Express. If you specify the -nodeName parameter, you must also specify the -serverName parameter.

-clusterName cluster_name

A required parameter that specifies the name of the IBM BPM application cluster.

-deName deployment_environment_name

A required parameter that specifies the name of the IBM BPM deployment environment.

-instanceID instance_ID

A required parameter that specifies the identifier of the case instance or BPD instance that will be updated with the correct user and group authorization information.

-teamID team_ID

A required parameter that specifies the identifier of the team instance that will be updated with the correct user and group authorization information.

You must specify the -clusterName parameter, or the -deName parameter, or both the -serverName and -nodeName parameters. As an alternative to specifying any parameters, you can invoke the command on a target object of type BPMDeploymentEnvironment, ServerCluster, or Server.

You must also specify one of the following parameters: