IBM Cloud Orchestrator Content Pack for OpenLDAP and Microsoft Active Directory Version 2.0. Content Pack for OpenLDAP and Microsoft Active Directory

IBM Cloud Orchestrator

Content Pack for OpenLDAP and Microsoft Active Directory

Version 2.0

Content Pack for OpenLDAP and

Microsoft Active Directory

IBM Cloud Orchestrator

Content Pack for OpenLDAP and Microsoft Active Directory

Version 2.0

Content Pack for OpenLDAP and

Microsoft Active Directory

Note

Contents

Preface . . . v

Audience . . . v

IBM Cloud Orchestrator Content Pack

for OpenLDAP and Microsoft Active

Directory . . . 1

Overview of an LDAP server and common parameters of functions. . . 1

Installing and configuring . . . 2

Upgrading . . . 2

Toolkit scenarios . . . 2

Register a Directory Server configuration . . . . 3

Unregister a Directory Server configuration . . . 3

Modify a Directory Server configuration . . . . 4

Perform an Active Directory user operation . . . 4

Perform a Active Directory group operation . . . 5

Perform an Active Directory rename user operation . . . 5

Perform an OpenLDAP user operation. . . 5

Toolkit developer's reference . . . 6

Environmental variables . . . 6 storehouse_ldap_int_path . . . 6 FactoryCtx . . . 6 Referral . . . 6 Business objects . . . 6 ldapServer . . . 7 ldapServerRegistrationData . . . 7 ldapServerUnregistrationData. . . 7 ldapServerUpdateData . . . 7 ldapJNDIConnection. . . 7 MSldapUser . . . 7 MSldapGroup . . . 7 MSldapObject . . . 7 OpenLdapUser . . . 7 MSLdapComputer . . . 7 Human services . . . 7

Modify LDAP Server . . . 7

Register LDAP Server . . . 7

Unregister LDAP Server . . . 7

Sample Active Directory Rename User Operation . . . 8

Sample Active Directory Group Operation . . 8

Sample Active Directory User Operation . . . 8

Sample OpenLDAP User Operation. . . 8

Business processes . . . 8

Modify LDAP Server . . . 8

Register LDAP Server . . . 8

Sample LDAP Operation . . . 8

Unregister LDAP Server . . . 8

Implementation services . . . 8

LDAPSearch . . . 8

Return Values of LDAPSearch . . . 9

LDAPUpdate . . . 9

Return Values of LDAPUpdate . . . 10

LDAPDelete . . . 10

LDAPInsert . . . 10

LDAPRename . . . 11

Set_CnDependend_UserFields . . . 11

Samples . . . 11

Importing XML into IBM Cloud Orchestrator . . . 12

Notices

. . . 15

Trademarks and Service Marks . . . . 17

Preface

This publication documents how to use the IBM Cloud Orchestrator Content Pack for OpenLDAP and Microsoft Active Directory.

Audience

This information is intended for content developers of IBM Cloud Orchestrator who implement or customize the content pack for OpenLDAP and Microsoft Active Directory.

IBM Cloud Orchestrator Content Pack for OpenLDAP and

Microsoft Active Directory

The IBM Cloud Orchestrator Content Pack for OpenLDAP and Microsoft Active Directory toolkit provides basic functionality through integration services to access an LDAP server from within Business Process Manager processes.

Supported versions

v _{IBM Cloud Orchestrator version 2.4}

v _{Microsoft Active Directory Windows 2008 and higher} v _{OpenLDAP version 2.4 and higher}

How the toolkit works

The toolkit uses Business Process Manager data objects to buffer, store, and access the LDAP objects of the LDAP server. For each LDAP data object, a BPM data object can be defined.

Samples of User and Group Business data are provided but they must be extended and customized based on your needs. Each implementation service delivers or requires these Business Process Manager objects as data containers.

The implementation service works with an attached Java-class, which handles this Business Process Manager data object and the rest of the given parameters. It can immediately use a newly defined Business Process Manager data object.

This custom data type must be provided to the corresponding implementation service by its name. The service provides this data type name to the underlying Java implementation, which can instantiate this object.

Customizing and defining data object type

For each customer and LDAP server there are other requirements of LDAP objects and their attributes. It is important to customize the business-process centric data objects. The user must define their own data object type, which contains all required attributes to provide this business process. The attributes of its object must be defined to the respect of the LDAP data structure. The decision between “Single Values” or “List-Values” for each attribute have been taken into account.

Overview of an LDAP server and common parameters of functions

Understand the LDAP server and the common parameters of the functions. LDAP servers are accessible by their primary protocol type, their IP, and their port number.

LDAP-URL: "ldap://10.102.91.12:389"

Each LDAP server provides a basic node, which must be used internally by the toolkit to complete the URL for accessing the data which is provided by the LDAP server.

LDAP-Base-DN: "CN=DOMAIN1,DC=MYCOM,DC=COM"

Combined URL, used in the toolkit results in: "ldap://10.102.91.12:389/CN=DOMAIN1,DC=MYCOM,DC=COM”

To be able to connect to the LDAP server, a login user and password must be provided:

Login User: "cn=user01,CN=Users,CN=DOMAIN1,DC=MYCOM,DC=COM" Login-Password: “xxxx”

This set of parameters in combination with the “Environment-Parameters”, which are needed for every access to the LDAP server, must be combined as a Map

Objectand attached to every function call as one single parameter.

Anonymous authentication, where no user name or password must be provided, is supported. In this case, "java.naming.security.authentication" must be set to "none". The sample UI stores this set of properties in the variable “jndiPropertiesMap”.

Installing and configuring

A good knowledge of IBM Cloud Orchestrator and of the Business Process Manager programming model is required for using the toolkit as a software development kit (SDK) for building new content.

The content pack contains the following items:

v _{The IBM Cloud Orchestrator Directory Server toolkit:}

SCOrchestrator_Directory_Services_Toolkit_<YYYYMMDD>.twx

v _{The XML definition file for the Directory Server Offerings and Actions to be} automatically created through the IBM Cloud Orchestrator Self-Service Catalog Population Tool: directory-services-offerings.xml

v _{Product documentation}

The following basic operations are provided: v _{Search Object by query}

v _{Update object} v _{Delete Object} v _{Insert Object} v _{Rename Object}

It contains UI samples which lead you through the usage of the implementation services.

Upgrading

If you already have the toolkit installed and are upgrading from SmartCloud Orchestrator V2.3 to IBM Cloud Orchestrator V2.4, because of changes in the structure of the self-service catalog and new version 2.4 architecture, you must make some adjustments manually to clean up the environment so that the toolkits can run. Make the following adjustments:

v _{Remove all the offerings under the category "Directory Services".} v _{Register all the LDAP servers again.}

Toolkit scenarios

First, you register the required Self-Service Offerings and Orchestrator Actions, based on the configuration parameters specified in each of the scenarios. The following scenarios are available:

v _{“Register a Directory Server configuration”} v _{“Unregister a Directory Server configuration”}

v _{“Modify a Directory Server configuration” on page 4} v _{“Perform an Active Directory user operation” on page 4} v _{“Perform a Active Directory group operation” on page 5}

v _{“Perform an Active Directory rename user operation” on page 5} v _{“Perform an OpenLDAP user operation” on page 5}

Register a Directory Server configuration

You can register the basic configuration parameters in IBM Cloud Orchestrator to access a Microsoft Active Directory server.

To run this scenario, perform the following steps:

1. Go to the Self-Service Catalog and open the Directory Services category. 2. Start the Register Directory Server offering. After the offering starts:

a. Specify the Directory Server URL, for example ldap://<IP or hostname>. b. Specify the Directory Server port.

c. Specify the base Distinguished Name.

d. Specify if the Server Authentication is anonymous or not. If the authentication is not anonymous, provide:

v _{The user name to connect to the Microsoft Active Directory server} v _{The password for the specified user}

e. Submit the offering.

Table 1. Configuration of the offering

Name Register LDAP Server

Category Directory Services

Process Register LDAP Server (SCOrchestrator_Directory_Server_Toolkit)

User interface Register LDAP Server (SCOrchestrator_Directory_Server_Toolkit)

Unregister a Directory Server configuration

You can unregister the basic configuration parameters to access a configured Directory Server server from IBM Cloud Orchestrator.

To run this scenario, perform the following steps:

1. Go to the Self-Service Catalog and open the Directory Services category. 2. Start the Unregister Directory Server offering. After the offering starts:

a. Select the Directory Server server configuration to be removed. b. Submit the offering.

Table 2. Configuration of the offering

Name Unregister LDAP Server

Category Directory Services

Table 2. Configuration of the offering (continued)

Process Unregister LDAP Server

(SCOrchestrator_Directory_Server_Toolkit)

User interface Unregister LDAP Server

(SCOrchestrator_Directory_Server_Toolkit)

Modify a Directory Server configuration

You can update the basic configuration parameters to access a configured Directory Server server in IBM Cloud Orchestrator.

To run this scenario, perform the following steps:

1. Go to the Self-Service Catalog and open the Directory Services category. 2. Start the Modify Directory Server offering. After the offering starts:

a. Select the Directory Server server configuration to be modified. b. Review and modify the Directory Server server URL.

c. Review and modify the Directory Server server port.

d. Review and modify the Directory Server Distinguished name.

e. Review and modify the username to connect to the Directory Server server. f. Review and modify the password for the specified user.

g. Submit the offering.

Table 3. Configuration of the offering

Name Modify LDAP Server

Category Directory Services

Process Modify LDAP Server (SCOrchestrator_Directory_Server_Toolkit)

User interface Modify LDAP Server (SCOrchestrator_Directory_Server_Toolkit)

Perform an Active Directory user operation

You can perform sample Directory Server user operations. To run this scenario, perform the following steps:

1. Go to the Self-Service Catalog and open the Directory Services category. 2. Start the Perform an Active Directory User Operation offering. After the

offering starts:

a. Select the Directory Server used by the user for various operations, for example, rename, update, insert, and delete.

b. Select the search base for CN= Users and click Search. c. Select the user and perform the operation.

Table 4. Configuration of the offering

Name Perform an Active Directory User Operation

Category Directory Services

Process Sample LDAP Operation

(SCOrchestrator_Directory_Server_Toolkit)

Perform a Active Directory group operation

You can perform sample Directory Server group operations. To run this scenario, perform the following steps:

1. Go to the Self-Service Catalog and open the Directory Services category. 2. Start the Perform an Active Directory Group Operation offering. After the

offering starts:

a. Select the Directory Server used by the user for various operations, for example, rename, update, insert, and delete.

b. Select the search base for CN= Group and click Search. c. Select the user and perform the operation.

Table 5. Configuration of the offering

Name Perform an Active Directory Group Operation

Category Directory Services

Process Sample LDAP Operation

(SCOrchestrator_Directory_Server_Toolkit)

User interface Sample Active Directory Group Operation (SCOrchestrator_Directory_Server_Toolkit)

Perform an Active Directory rename user operation

You can perform Active Directory rename user operations. To run this scenario, perform the following steps:

1. Go to the Self-Service Catalog and open the Directory Services category. 2. Start the Sample Active Directory Rename User Operation offering. After the

offering starts:

a. Select the Directory Server used by the user for various operations, for example, rename, update, insert, and delete.

b. Select the search base for CN= Users and click Search. c. Select the user and perform the operation.

Table 6. Configuration of the offering

Name Sample Active Directory Rename User Operation

Category Directory Services

Process Sample LDAP Operation

(SCOrchestrator_Directory_Server_Toolkit)

User interface Sample Active Directory Rename User Operation (SCOrchestrator_Directory_Server_Toolkit)

Perform an OpenLDAP user operation

You can manage user objects in OpenLDAP. To run this scenario, perform the following steps:

1. Go to the Self-Service Catalog and open the Directory Services category. 2. Start the Perform an OpenLDAP User Operation offering. After the offering

starts:

a. Select the Directory Server used by the user for various operations, for example, rename, update, insert, and delete.

b. Select the search base for CN= Users and click Search. c. Select the user and perform the operation.

Table 7. Configuration of the offering

Name Perform an OpenLDAP User Operation

Category Directory Services

Process Sample LDAP Operation

(SCOrchestrator_Directory_Server_Toolkit)

User interface Perform an OpenLDAP User Operation (SCOrchestrator_Directory_Server_Toolkit)

Toolkit developer's reference

This section contains reference information about the Business Process Manager artifacts exposed in the toolkit contained in the content pack. It is intended to be used by IBM Cloud Orchestrator content developers to extend the already available scenarios or to write new scenarios leveraging the building blocks available from the toolkit.

The following items are the main building blocks of the toolkit: v _{“Environmental variables”}

v _{“Business objects”}

v _{“Human services” on page 7} v _{“Business processes” on page 8} v _{“Implementation services” on page 8}

Environmental variables

Some environment variables are available so you can customize some behaviors when you run the use cases.

Environmental variables are defined in the toolkit in Toolkit Settings >

Environment.

storehouse_ldap_int_path

This variable specifies the default path on Storehouse where the LDAP server configurations get stored. The value of this variable must never be changed.

FactoryCtx

This variable specifies the default JNDI connection factory. The value of this variable must never be changed.

Referral

This variable specifies the JNDI service providers how to handle referral. Possible values are ignore and follow.

Business objects

ldapServer

This object is used to handle the configuration information required to allow Business Process Manager to connect to a LDAP environment, for example host name, credentials, and so on.

ldapServerRegistrationData

This object is used to hold the input parameters of the “Register LDAP Server” offering.

ldapServerUnregistrationData

This object is used to hold the input parameters of the “Unregister LDAP Server” offering.

ldapServerUpdateData

This object is used to hold the input parameters of the “Update LDAP Server” offering.

ldapJNDIConnection

This object is used to hold JNDI connection parameter and it is used in the Integration Services.

MSldapUser

This object is used as sample to hold MS LDAP User and it is used in the Integration Services.

MSldapGroup

This object is used as sample to hold MS LDAP Group and it is used in the Integration Services.

MSldapObject

This object is used as sample to hold MS generic LDAP Object and it is used in the Integration Services.

OpenLdapUser

This object is used as sample to hold Open LDAP User and it is used in the Integration Services.

MSLdapComputer

This object is used as sample to hold MS LDAP Computer and it is used in the Integration Services.

Human services

There are a number of Human Services artifacts available in the toolkit.

Modify LDAP Server

This is the Human Service that is used to collect the parameters required to edit an LDAP server configuration already stored in IBM Cloud Orchestrator.

Register LDAP Server

This is the Human Service that is used to collect the parameters corresponding to an LDAP server configuration to be created in IBM Cloud Orchestrator.

Unregister LDAP Server

This is the Human Service that is used to collect the parameters required to delete an LDAP server configuration already stored in IBM Cloud Orchestrator.

Sample Active Directory Rename User Operation

This is the Sample Human Service that shows how to perform LDAP User Rename Operation works.

Sample Active Directory Group Operation

This is the Sample Human Service that shows how to perform LDAP Group Operations.

Sample Active Directory User Operation

This is the Sample Human Service that shows how to perform LDAP User Operations.

Sample OpenLDAP User Operation

This is the Sample Human Service that shows how to perform Open LDAP User Operations.

Business processes

There are a number of the business processes available in the toolkit.

Modify LDAP Server

This business process update in IBM Cloud Orchestrator an already available configuration containing the parameters needed to connect to a LDAP Server.

Register LDAP Server

This business process registers in IBM Cloud Orchestrator a new configuration containing the parameters needed to connect to an LDAP Server.

Sample LDAP Operation

This business process is a sample that shows how to perform sample LDAP operation.

Unregister LDAP Server

This business process delete from IBM Cloud Orchestrator an already available configuration containing the parameters needed to connect to a LDAP Server.

Implementation services

There are a number of the implementation services available in the toolkit.

LDAPSearch

This function provides the ability to search every kind of LDAP objects, defined by the search query.

Parameters

Data

type Description and sample

ConnectionProperties HashMap HashMap containing all required properties. java.naming.security.authentication=”simple” java.naming.factory.initial=”com.sun.jndi.ldap. LdapCtxFactory” java.naming.referral=”follow” LDAPHost=”ldap://10.102.91.12:389“ BaseDN=”CN=DOMAIN1,DC=MYCOM,DC=COM” java.naming.security.principal=”cn=user01, CN=Users,CN=DOMAIN1,DC=MYCOM,DC=COM” java.naming.security.credentials=”xxxx”

queryBase String Inner LDAP node, under which the query should start to search for objects.

“CN=Users”

QueryFilter String LDAP Query for the search "(objectClass=user)" or

"(&(objectClass=user)(displayName=us*))"

ReturnType String Name of the BPM data object, which must be filled with the result from the LDAP query. It returns a list of this object type.

"MSLdapUser" AttributesRequested

CSV

String Comma-separated values of attributes, that must be requested and filled in the result data objects. Null/empty if all attributes must be fetched. "displayName,DN,CN" or “”

MaxResults int Number of results that must be returned maximum. 0 if unlimited.

"0"

SortByAttributesCVS String Comma-separated values of attributes, for which the search result must be ordered.

"displayName" or “”

ProxyDN String Value of the ProxyDN. Not supported in this version. ""

Return Values of LDAPSearch: The LDAPSearch returns a map of objects (Key,Object), which are identified by their key. The following keys and Objects are available for this function:

Key (String) Value data type Description and sample

"errCode" String Error Code or “SUCCESS”

"errMsg" _{String Details about the error, if errCode !=} SUCCESS

"resultObject" List of “BPM data Object”

The result collection of the specified BPM data type.

LDAPUpdate

This function provides the ability to update a LDAP objects with values from a given instance of a BPM data object.

Parameters

Data

type Description and sample

ConnectionProperties HashMap HashMap containing all required properties. LDAPObject2Update Specific

“BPM Data Object”

BPM data object, which contains a presentation of the LDAP data object attributes. Update function uses this attribute to update the LDAP server.

Instance of “MSLdapUser“

PropertyIdentKey String Name of the property field that identifies the ID or unique key of the object to be updated.

"distinguishedName" or “dn”

KeyAttributes String Comma-separated values of Attribute names that must be updated in the LDAP object.

"displayName"

ProxyDN String Value of the ProxyDN. Not supported in this version. ""

Return Values of LDAPUpdate: The LDAPUpdate returns a map of strings (Key,String), which are identified by their key. The following keys and values are available for this function:

Key (String) Value data type Description and sample

"errCode" String Error Code or “SUCCESS”

"errMsg" String Details about the error, if errCode != SUCCESS

LDAPDelete

This function provides the ability to delete LDAP objects.

Parameters

Data

type Description and sample

ConnectionProperties String HashMap containing all required properties.

distinguishedName_Value String Value of the Distinguished Name, which identifies the object that must be deleted.

“CN=User4Handle,CN=Users,CN=DOMAIN1, DC=MYCOM,DC=COM“

ProxyDN String Value of the ProxyDN. Not supported in this version.

""

LDAPInsert

This function provides the ability to insert LDAP objects with values from a given instance of a BPM data object.

Parameters

Data

type Description and sample

Parameters

Data

type Description and sample

LDAPObject2Insert Specific “BPM Data Object”

BPM data object, which contains a presentation of the LDAP data object attributes. Insert function uses this attributes to update the LDAP server.

Instance of “MSLdapUser“ keyDistinguished

NameName

String Name of the property field that identifies the ID or unique key of the object to be inserted.

"distinguishedName" or “dn”

KeyAttributes2InsertCSV String Comma-separated values of Attribute names that must be updated in the LDAP object.

"objectClass,displayName,cn"

ProxyDN String Value of the ProxyDN. Not supported in this version.

""

LDAPRename

This function provides the ability to rename an LDAP object.

Parameters

Data

type Description and sample

ConnectionProperties String HashMap containing all required properties.

keyDistinguishedName String Value of the Distinguished Name, which identifies the object that must be renamed.

“CN=User4Handle,CN=Users,CN=DOMAIN1,DC=MYCOM, DC=COM“

attributeToRenameCSV String Value for rename in place of keyDistinguishedName that is to be renamed.

“CN=RenameValueForUser,CN=Users“

ProxyDN String Value of the ProxyDN. Not supported in this version.

""

Set_CnDependend_UserFields

This function coordinates to set all attributes, that are in relation to the CN of a LDAP data object to their corresponding initial value for an Insert command. It is a helper function only and directly acts on the selected BPM data object that must be inserted. For more information, see the Sample-UI Implementation.

Samples

The toolkit contains one main sample (Sample LDAP Operation) that demonstrates the usage of all functions of the toolkit.

It provides the possibility to search, edit, delete, and insert an LDAP user object, as it is normally designed or provided for by the Microsoft LDAP server. It only demonstrates the usage of the toolkit and therefore you can only modify a subset of the par of that object. By using this restriction in the toolkit sample, you can also use this sample to search, edit, and delete other “object-Types”.

Importing XML into IBM Cloud Orchestrator

Refer to this sample XML file that you can use, with the Self-Service Catalog Population Tool, to create all the Offerings and Orchestration Actions required to leverage the capabilities provided by this content pack in IBM Cloud Orchestrator. <?xml version="1.0"?>

<catalog version="2.4"> <automation-categories>

<category>

<name>Directory Services</name>

<description>A set of offerings to perform Directory Service Operations</description> <icon>Application</icon> </category> </automation-categories> <offerings> <offering>

<name>Register LDAP Server</name>

<description>Register a new Directory Server configuration.</description> <icon>Application</icon>

<category-name>Directory Services</category-name> <process>

<name>Register LDAP Server</name> </process>

<user-interface>

<name>Register LDAP Server</name> </user-interface>

</offering> <offering>

<name>Unregister LDAP Server</name>

<description>Unregister Directory Server configuration.</description> <icon>Application</icon>

<category-name>Directory Services</category-name> <process>

<name>Unregister LDAP Server</name> </process>

<user-interface>

<name>Unregister LDAP Server</name> </user-interface>

</offering> <offering>

<name>Modify LDAP Server</name>

<description>Modify a registered Directory Server configuration.</description>

<icon>Application</icon>

<category-name>Directory Services</category-name> <process>

<name>Modify LDAP Server</name> </process>

<user-interface>

<name>Modify LDAP Server</name> </user-interface>

</offering> <offering>

<name>Perform an Active Directory User Operation</name>

<description>Sample Offering that shows how to manage User Objects in Microsoft Active Directory.</description>

<icon>Application</icon>

<category-name>Directory Services</category-name> <process>

</process> <user-interface>

<name>Sample Active Directory User Operation</name> </user-interface>

</offering> <offering>

<name>Perform an Active Directory Group Operation</name> <description>Sample Offering that shows how to manage Group

Objects in Microsoft Active Directory.</description> <icon>Application</icon>

<category-name>Directory Services</category-name> <process>

<name>Sample LDAP Operation</name> </process>

<user-interface>

<name>Sample Active Directory Group Operation</name> </user-interface>

</offering> <offering>

<name>Perform an Active Directory Rename User Operation</name> <description>Sample Offering that shows how to rename User

Objects in Microsoft Active Directory.</description> <icon>Application</icon>

<category-name>Directory Services</category-name> <process>

<name>Sample LDAP Operation</name> </process>

<user-interface>

<name>Sample Active Directory Rename User Operation</name> </user-interface>

</offering> <offering>

<name>Perform an OpenLDAP User Operation</name> <description>Sample Offering that shows how to manage

User Objects in OpenLDAP.</description> <icon>Application</icon>

<category-name>Directory Services</category-name> <process>

<name>Sample LDAP Operation</name> </process>

<user-interface>

<name>Sample OpenLDAP User Operation</name> </user-interface>

</offering> </offerings> </catalog>

Notices

This information was developed for products and services offered in the U.S.A. IBM®may not offer the products, services, or features discussed in this document in other countries. Consult your local IBM representative for information on the products and services currently available in your area. Any reference to an IBM product, program, or service is not intended to state or imply that only that IBM product, program, or service may be used. Any functionally equivalent product, program, or service that does not infringe any IBM intellectual property right may be used instead. However, it is the user's responsibility to evaluate and verify the operation of any non-IBM product, program, or service.

IBM may have patents or pending patent applications covering subject matter described in this document. The furnishing of this document does not grant you any license to these patents. You can send license inquiries, in writing, to:

IBM Director of Licensing IBM Corporation

North Castle Drive Armonk, NY 10504-1785 U.S.A.

For license inquiries regarding double-byte character set (DBCS) information, contact the IBM Intellectual Property Department in your country or send inquiries, in writing, to:

Intellectual Property Licensing Legal and Intellectual Property Law IBM Japan Ltd.

1623-14, Shimotsuruma, Yamato-shi Kanagawa 242-8502 Japan

The following paragraph does not apply to the United Kingdom or any other country where such provisions are inconsistent with local law:

INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS PUBLICATION “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Some states do not allow disclaimer of express or implied warranties in certain transactions, therefore, this statement may not apply to you.

This information could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein; these changes will be incorporated in new editions of the publication. IBM may make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time without notice.

Any references in this information to non-IBM Web sites are provided for

convenience only and do not in any manner serve as an endorsement of those Web sites. The materials at those Web sites are not part of the materials for this IBM product and use of those Web sites is at your own risk.

IBM may use or distribute any of the information you supply in any way it believes appropriate without incurring any obligation to you.

Licensees of this program who wish to have information about it for the purpose of enabling: (i) the exchange of information between independently created programs and other programs (including this one) and (ii) the mutual use of the information which has been exchanged, should contact:

IBM Corporation 2Z4A/101

11400 Burnet Road Austin, TX 78758 U.S.A.

Such information may be available, subject to appropriate terms and conditions, including in some cases, payment of a fee.

The licensed program described in this information and all licensed material available for it are provided by IBM under terms of the IBM Customer Agreement, IBM International Program License Agreement, or any equivalent agreement between us.

Any performance data contained herein was determined in a controlled

environment. Therefore, the results obtained in other operating environments may vary significantly. Some measurements may have been made on development-level systems and there is no guarantee that these measurements will be the same on generally available systems. Furthermore, some measurements may have been estimated through extrapolation. Actual results may vary. Users of this document should verify the applicable data for their specific environment.

Information concerning non-IBM products was obtained from the suppliers of those products, their published announcements or other publicly available sources. IBM has not tested those products and cannot confirm the accuracy of

performance, compatibility or any other claims related to non-IBM products. Questions on the capabilities of non-IBM products should be addressed to the suppliers of those products.

This information contains examples of data and reports used in daily business operations. To illustrate them as completely as possible, the examples include the names of individuals, companies, brands, and products. All of these names are fictitious and any similarity to the names and addresses used by an actual business enterprise is entirely coincidental.

Trademarks and Service Marks

IBM, the IBM logo, and ibm.com® are trademarks or registered trademarks of International Business Machines Corporation in the United States, other countries, or both. If these and other IBM trademarked terms are marked on their first occurrence in this information with a trademark symbol (® or™), these symbols indicate U.S. registered or common law trademarks owned by IBM at the time this information was published. Such trademarks may also be registered or common law trademarks in other countries. A current list of IBM trademarks is available on the Web at http://www.ibm.com/legal/copytrade.shtml.

Adobe, the Adobe logo, PostScript, and the PostScript logo are trademarks or registered trademarks of Adobe Systems, Incorporated, in the United States and/or other countries.

Intel, the Intel logo, Intel Inside, the Intel Inside logo, Intel Centrino, the Intel Centrino logo, Celeron, Intel Xeon, Intel SpeedStep, Itanium, and Pentium are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries.

Java™and all Java-based trademarks and logos are trademarks or registered trademarks of Oracle and/or its affiliates.

Linux is a registered trademark of Linus Torvalds in the United States, other countries, or both.

Microsoft, Windows, Windows NT, and the Windows logo are trademarks of Microsoft Corporation in the United States, other countries, or both.

UNIX is a registered trademark of The Open Group in the United States and other countries.