Active Directory users removed and then re-added
Our Rational CLM Applications have a lot of user turnover due to the nature of government contracting. We currently use Microsoft Active Directory as our user manager. As we offboard users, we archive them in the Rational CLM Applications and then place the users into a temporary holding area in Active Directory until after a certain timeframe they are deleted from Active Directory. What we have found that if we create a user in Active Directory with the same userid that was once deleted, and restore the user that was archived in the Rational CLM Applications, this user is now assigned items that were once assigned to the deleted Active Directory user. It appears that the Active Directory user has a unique UUID issued by the Active Directory server but that the Rational Applications seem to base their lookups on username.
Is this by design or a defect with the Rational CLM Applications? |
Accepted answer
Matthew,
This is by design. I think your assumption of Microsoft AD using a unique identifier is most likely accurate, however the CLM implementation expects every username to be unique, so the unique identifier for a CLM user URL actually contains the user ID. For example, my user URL for the jazz.net system would be https://jazz.net/jts/users/majawors (majawors being my user ID).
It would probably be a good practice to check if a given user ID is in use by CLM before creating the record in the active directory. You could do this by appending the Jazz Users URL string to the front of the user ID you are about to create, and entering the URL in your browser should bring up the User Profile page in JTS, or else throw a 404 if it can't be found. ex) https://[host]/jts/users/[userID]
Hope this helps,
Mike Jaworski
Matthew Owenby selected this answer as the correct answer
|
Your answer
Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.
Comments
To my knowledge, IDs in CLM are "unique", which is to say the id "john_doe" will always be the same thing in CLM, irrespective of what it represents as a person or other external attributes. Once an ID is in the registry it is only changed from Active<>Archived.