It's all about the answers!

Ask a question

What happened rendering most RTC LDAP sync'ed logins invalid ?


long TRUONG (3654104140) | asked Dec 02 '14, 1:09 a.m.
 RTC 4.0.6 on Windows. All users (including the data collector) imported from LDAP.

Had conflicting settings (Xmx4G & Xms4G while init and max mem pools both set to 6G), so following IBM advises, and use Xmx6G and Xms6G without any pool settings. 

When restart Tomcat to make the change effective, 4 user logins became invalid, only the service account used to admin can log on. This is our server on TEST env in an isolated network, with URL spoofing for access, hence there are not too many users accessing the Jazz tools (RTC WI mostly, some occasional RRC), it's only the service admin account is in use most of the time.

We don't believe the modification has anything to do with the issue, we have changed the pools size before (though never to empty). We probably had not accessed the tools with any account besides the service admin account, this could have happened any time since the service up, more than 6 days ago.

We did experiment. while working with IBM support on stopping Tomcat service hung, with manual starts&stops of Tomcat, without going through the service.

We have logged the service account out of the box then back in. We have rebooted the server host. Note that for convenience we have accessed the tools right from the server (with DNS spoofing).

We are waiting for the nightly sync of LDAP and RTC to proceed. If the issue persists we will attempt a manual sync. Beyond that we don't know yet what to look into next: Any suggetions ?

Accepted answer


permanent link
sam detweiler (12.5k6189201) | answered Dec 02 '14, 7:30 a.m.
we had one occasion where  the userid used to access LDAP from JAZZ had the password changed without our knowledge
long TRUONG selected this answer as the correct answer

Comments
long TRUONG commented Dec 03 '14, 1:17 p.m. | edited Dec 03 '14, 1:18 p.m.
Thx Sam.

This is marked as the accepted answer as it led us to think of sync'ing our passwords across domains:


  • We have same set of 2 IDs per domain.
  • We need to use SAMreset to change passwds across domains
  • We did not for those IDs with issue.
  • The passwds expired in the TEST domain and we couldn't login there until we reset them with SAMreset.
Yes ... duh!

Your answer


Register or to post your answer.