Take care when deploying the HCL Connections Invite application using the TDS (Tivoli Directory Server)/SDS (IBM Security Directory Server) as user repository. The following information from the official documentation is wrong:
The following value includes the LDAP property used to map the user in LDAP to their Profiles GUID. In an Active Directory environment, for example, the default property is objectGUID
. Other known defaults are entryuuid
(IBM Security Director Integrator, formerly TDI),…
<profiles-connector>
<entry>
<attributes>
<attribute>
<value>${ldap:objectGUID}</value>
First, the value of the Attribute in the “selfregistration-config.xml” is missing, this would be: “<key>com.ibm.snx_profiles.base.guid</key>”.
By reading the documentation, you would set the <value> parameter to ${ldap:entryuuid}, if you do that, you would get the following error:
00000660 SelfRegistrat W Failed to get all the required attributes! required: ‘{${ldap:entryuuid}=entryuuid, ${ldap:sn}=sn, ${ldap:cn}=cn}’, received attributes: ‘{sn=sn: Mail, cn=cn: <e-mail>}’
The correct value for the parameter, when using TDS/SDS, would be “${ldap:ibm-entryuuid}”, so you should endup with the following:
<attribute>
<key>com.ibm.snx_profiles.base.guid</key>
<value>${ldap:ibm-entryuuid}</value>
<type>text</type>
</attribute>
Although there are some comments in the “selfregistration-config.xml” showing the right information, a few colleagues/friends including me found them to be a bit “misleading”. This will surely be corrected in the future.