Jazz Forum Welcome to the Jazz Community Forum Connect and collaborate with IBM Engineering experts and users

JTS-LDAP-Setup: New user could not be created (ID CRJAZ1551E)

Hello,

I'm currently trying to set up Jazz Team Server on WebSphere Application Server using a DB2 database and an OpenLDAP directory. At the step "Setup User Registry" the connection test result is positive, giving me as details a cryptic "{'hint.findGroupsForUserQuery':'{USER-DN}'}"; however, when finishing the step I get the error message "The new user could not be created. See the details for more information.ID CRJAZ1551E"

When I take the User ID which I entered at the "Validate LDAP User" popup and search for it at /admin, the user is found and I can also add it to the "Active Users", but even then, after logging in to /admin with that user, "ADMIN" is still shown in the upper right instead of the user name.

My LDAP-Parameters are taken from my working RTC2-Instance using the same LDAP-Server and environment.

My setup:
SLES 11
WebSphere Application Server 8.0.0.6
DB2 v9.7.0.7
Jazz Team Server 4.04


Any ideas what I'm doing wrong?

With Best Regards,

Fabian Rodriguez

0 votes

Comments

Hi Fabian,
Please note that support for OpenLDAP is limited to a best-effort basis (https://jazz.net/wiki/bin/view/Deployment/CLMSystemRequirements403#A10_Identity_Management).

Anyway, it could be good to look into the jts.log file in the <WAS-INSTALL>/profiles/<your-profile>/logs directory. Please paste the output of that file here.

You can find the jts.log here: http://pastebin.com/eXQwNeBx

Who are you logged in as? Try logging in with the LDAP account and continuing with setup.

FYI, that "hint" is not meant to be shown in the web UI and you can ignore it. See "{'hint.findGroupsForUserQuery':'{USER-DN}'} should not be surfaced to user (279010)" for more information.



2 answers

I've now found a workaround: After analyzing the LDAP queries I found out that the setup was querying for the mail address with the uid, so I changed the mail address of that user to match his uid (removing @mydomain.com), and the setup worked flawlessly.

Thank you for all your answers :)

2 votes


On the LDAP setup page, there is a link to a description that explains what you can do to test if your settings are correct. I would suggest following that link and doing the testing. There are different settings in WAS as well as in the teamserver.properties; if one of these does not work correctly, you see odd things happening. Another path you can go is to enable LDAP logging in the log4j settings in the various application folders in the server/conf/ folder. More logging might tell you what is going on. Also check the log files in general.

We provided some things we have seen with LDAP in https://jazz.net/library/article/662. There are some troubleshooting appendices. It might be too specific for the LDAP we used back then and no match for you, though.

0 votes

Question details

Question asked: Sep 26 '13, 8:27 a.m.

Question was seen: 6,519 times

Last updated: Sep 30 '13, 10:36 a.m.
