Build Forge LDAP configuration
I've created an IBM Bluegroup named 'fds_buildforge' (with 3 members). Now Buildforge Login should check user is member of that group before getting access to the Build Forge Management console.
Need help how to set the LDAP domain properties in Build Forge. ldapsearch -x -h bluepages.ibm.com -b cn=fds_buildforge,ou=memberlist,ou=ibmgroups,o=ibm.com shows following result: # extended LDIF # # LDAPv3 # base <cn=fds_buildforge,ou=memberlist,ou=ibmgroups,o=ibm.com> with scope subtree # filter: (objectclass=*) # requesting: ALL # # fds_buildforge, memberlist, ibmgroups, ibm.com dn: cn=fds_buildforge,ou=memberlist,ou=ibmgroups,o=ibm.com objectClass: ibm-nestedGroup objectClass: groupOfUniqueNames objectClass: top ou: memberlist ou: ibmgroups o: ibm.com cn: fds_buildforge uniquemember: uid=025576724,c=de,ou=bluepages,o=ibm.com uniquemember: uid=109936724,c=de,ou=bluepages,o=ibm.com uniquemember: uid=108542724,c=de,ou=bluepages,o=ibm.com # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 Thanks for any help in advance Regards Andreas |
Accepted answer
Going over the ldapsearch results, you may want to use the following settings for your Build Forge LDAP configuration group options.
You will need to ensure the Group Unique Identifier list the keyword that list the user's LDAP identification (uniquemember) against the keyword that is associated with the user's LDAP record. Potentially from the LDAP group results listed, this should be "dn", but if not you will need to contact an LDAP administrator to verify which user LDAP record object is associated with the group LDAP record. ie: Group Search Base: cn=fds_buildforge,ou=memberlist,ou=ibmgroups,o=ibm.com Group Unique Identifier: uniquemember=%dn% Andreas Eisenhoffer selected this answer as the correct answer
Comments
Andreas Eisenhoffer
commented Jul 08 '13, 10:55 a.m.
Works fine with entries according your description !
|
Your answer
Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.