Impact of Switching LDAP Registries


Jamie Moore (757) | asked Sep 08 '14, 11:41 a.m.
I have a current CLM installation using LDAP. I am migrating this installation to a different LDAP registry. I know that I will have to "Import Users" from the new LDAP into CLM, but there are some ramifications to this that I have questions about.

First question: Is there a way to import the users (and assign them to Project Areas/Process Roles) in an automated fashion such that I don't have to do this manually?

Second question: The LDAP ID format in the current LDAP registry is firstname.lastname. In the new one, it is XXX9XXX. Is there a way to map the users from the old LDAP to the users of the new LDAP? Meaning, that artifacts created by user ids under the current LDAP are switched to the new LDAP user ids?

Third question: is there a way to programmatically change the User Label to the user's name when importing from the LDAP registry? By default, it places XXX9XXX in the User Label.

We are trying to make this conversion with as little impact to the user community as possible.

Any thoughts/suggestions are most welcome!

Accepted answer

Ralph Schoon (63.5k33646) | answered Sep 08 '14, 11:55 a.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER
What you really want to do is to have the same ID in both LDAP systems for each user or, if that is not possible, change the IDs for the users in CLM before switching to the new LDAP.

You don't want to have new users created for each new LDAP entry, you want to reuse the old users. See https://rsjazz.wordpress.com/2012/10/12/changing-the-jazz-user-id-using-the-rtc-plain-java-client-libraries/ for some ideas.
Jamie Moore selected this answer as the correct answer

Comments
Jamie Moore commented Sep 16 '14, 11:55 a.m.

Hey, Ralph;

This worked for switching the users in JTS, however, we were unsuccessful with switching the users in the CCM and QM applications.

In our installation, we have the following: https://jts.fpl.com/jts, https://ccm.fpl.com/ccm, and https://rqm.fpl.com/qm rather than the same servername/<application>.

Any thoughts? Is there a parameter that we can use? Or do we need to modify the code?


Jamie Moore commented Sep 16 '14, 12:10 p.m.

We also found another condition...the LDAP Nightly Sync overwrites the User Name with the User ID (LDAP ID). What are the ramifications if we turn OFF the LDAP Nightly Sync?


Ralph Schoon commented Sep 17 '14, 1:49 a.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER

If the Sync overwrites the name with the ID, you got the LDAP property settings wrong in the CLM setup. You want to fix that rather than switching off the nightly sync.


Ralph Schoon commented Sep 17 '14, 2:34 a.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER

With respect to the other tools, have you tried to run against the other servers?


Ralph Schoon commented Sep 17 '14, 3:02 a.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER

I just ran the tool in my context - all applications were up. I ran the code only against the JTS. All the changed user IDs were pushed from the JTS to all my other registered applications. It took a minute or two, however the changes propagated through the system.

As an alternative, you can run the tool against any application - they use the same API. However, if you changed the data on the JTS you might either get stale data exceptions - while JTS is distributing the changes - or the API might not find the user ID as it is already changed.
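
A pre-flight check for the old-to-new ID map that the accepted answer's approach (renaming the existing users before the LDAP switch) depends on. This is an added example, not code from the thread or from the linked blog post; the CSV layout, the function name `check_rename_map` and the reading of "XXX9XXX" as three letters, a digit, three letters are assumptions.

```python
import csv
import io
import re

# Assumed ID shapes from the question: old "firstname.lastname"; new "XXX9XXX",
# read here as three letters, a digit, three letters. Adjust to the real scheme.
OLD_ID = re.compile(r"[a-z]+\.[a-z]+")
NEW_ID = re.compile(r"[a-z]{3}[0-9][a-z]{3}")

def check_rename_map(csv_text, existing_ids):
    """Check 'old_id,new_id' rows; return (renames, problems, unmapped).
    IDs are compared case-insensitively (an assumption) so 'ABC1DEF' and
    'abc1def' count as the same account."""
    existing = {u.lower() for u in existing_ids}
    renames, claimed, problems = {}, {}, []
    for line_no, row in enumerate(csv.reader(io.StringIO(csv_text)), start=1):
        if len(row) != 2:
            problems.append((line_no, "expected two columns"))
            continue
        new_raw = row[1].strip()
        old, new = row[0].strip().lower(), new_raw.lower()
        if not OLD_ID.fullmatch(old) or not NEW_ID.fullmatch(new):
            problems.append((line_no, "ID does not match the expected format"))
        elif old not in existing:
            problems.append((line_no, f"{old}: no such user to rename"))
        elif old in renames:
            problems.append((line_no, f"{old}: mapped more than once"))
        elif new in claimed:
            # Two people collapsing onto one ID would merge their roles and history.
            problems.append((line_no, f"{new}: already assigned to {claimed[new]}"))
        elif new in existing:
            problems.append((line_no, f"{new}: already a user in the repository"))
        else:
            renames[old], claimed[new] = new_raw, old
    unmapped = sorted(existing - set(renames))
    return renames, problems, unmapped

# Constructed sample data, not taken from any real directory.
SAMPLE_EXISTING = ["jane.doe", "john.smith", "ann.lee", "bob.ray"]
SAMPLE_MAP = """\
jane.doe,ABC1DEF
john.smith,ABC1DEF
ann.lee,XYZ2QRS
ann.lee,XYZ3QRS
sam.hill,LMN4OPQ
"""

if __name__ == "__main__":
    print(check_rename_map(SAMPLE_MAP, SAMPLE_EXISTING))
```

Users listed in `unmapped` have no valid row and would not match any entry in the new directory after the switch.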
