Customer reported that the LDAP security setup does not succeed due to the limitation on the length of the LDAP USS path to server certificate directory field on the ISPF CAAESEC2 panel. The customer cannot specify their full LDAP Server Certificate USS path. Workaround using a symbolic link for certificate directory path was provided which is detailed in the resolution section of this Knowledge Article.
-------------------------- MLSS LDAP Security ---------------------------------
LDAP Server:..................... 000.000.000.000
LDAP Port:....................... 389
USS Path to LDAP Server Certificate:
\\xxxx.com\sysvol\xxx.com\scripts\AD\LDAP-SSL-Certs\xxxx.com\xxxnpadoce.xxx <==== Directory name incomplete due to length of this entry field on this panel
Base Distinguished Name:
Password Attribute:.............. userpassword
Hit ENTER to proceed with mount or PF3 to exit
Release : 2.0
Component : MF OPERATIONAL INTELLIGENCE
To allow the customer to avoid the length limitation for the USS path name on the MLSS ISPF CAAESEC2 panel, the workaround will be to create a symbolic link also known as "soft link" or "symlink" with a short enough name to fit on the panel field.
The symbolic link can be created in Linux via the following command:
ln -s physicalfilename symboliclinkname
The symboliclinkname would be entered on the MLSS ISPFCAAESEC2 panel, and it would then point to the physicalfilename.
This workaround can be used for any of the MLSS ISPF panel file or directory name fields that do not fit into the enterable field length.