Jazz Forum Welcome to the Jazz Community Forum Connect and collaborate with IBM Engineering experts and users

LDAP configuration

Questions
Tags
Users
Badges
Milan Krivic
(98013176143) May 26 '09, 10:47 a.m.
Hi,

I established connection to Microsoft Active Directory on Jazz Team Server 1.0.1. I also accessed AD users, and added some of them to Project Area as a members. I tried to log in with some of AD users, but I couldn't! I read that I must configure Web Containter for LDAP in Tomcat (server.xml), but I found different insructions about parameters which must be configured:

<Realm>

Can anyone tell me which of these parameters are needed and is this solution for my problem?

Thanks,

0 votes

4 answers
7,086 views
0 votes

4 answers

Permanent link
Milan Krivic
(98013176143) May 26 '09, 10:48 a.m.
Hi,

I established connection to Microsoft Active Directory on Jazz Team Server 1.0.1. I also accessed AD users, and added some of them to Project Area as a members. I tried to log in with some of AD users, but I couldn't! I read that I must configure Web Containter for LDAP in Tomcat (server.xml), but I found different insructions about parameters which must be configured:

Realm
className="org.apache.catalina.realm.JNDIRealm"
debug="99"
connectionURL="ldap://ldap.company.com:3268"
authentication="simple"
referrals="follow"
connectionName="cn=LDAPUser,ou=Service Accounts,dc=company,dc=com"
connectionPassword="VerySecretPassword"
userSearch="(sAMAccountName={0})"
userBase="dc=company,dc=com"
userSubtree="true"
roleSearch="(member={0})"
roleName="cn"
roleSubtree="true"
roleBase="dc=company,dc=com"


Can anyone tell me which of these parameters are needed and is this solution for my problem?

Thanks,

0 votes

Permanent link
Milan Krivic
(98013176143) May 26 '09, 10:49 a.m.
Hi,

I established connection to Microsoft Active Directory on Jazz Team Server 1.0.1. I also accessed AD users, and added some of them to Project Area as a members. I tried to log in with some of AD users, but I couldn't! I read that I must configure Web Containter for LDAP in Tomcat (server.xml), but I found different insructions about parameters which must be configured:

Realm
className="org.apache.catalina.realm.JNDIRealm"
debug="99"
connectionURL="ldap://ldap.company.com:3268"
authentication="simple"
referrals="follow"
connectionName="cn=LDAPUser,ou=Service Accounts,dc=company,dc=com"
connectionPassword="VerySecretPassword"
userSearch="(sAMAccountName={0})"
userBase="dc=company,dc=com"
userSubtree="true"
roleSearch="(member={0})"
roleName="cn"
roleSubtree="true"
roleBase="dc=company,dc=com"


Can anyone tell me which of these parameters are needed and is this solution for my problem?

Thanks,

0 votes

Permanent link
Balaji Krish
JAZZ DEVELOPER (1.8k12) May 26 '09, 1:09 p.m.
Tech note : http://jazz.net/library/technote/92 explains configuring LDAP on Tomcat user directory.

-- Balaji
Jazz Server Team


Hi,

I established connection to Microsoft Active Directory on Jazz Team Server 1.0.1. I also accessed AD users, and added some of them to Project Area as a members. I tried to log in with some of AD users, but I couldn't! I read that I must configure Web Containter for LDAP in Tomcat (server.xml), but I found different insructions about parameters which must be configured:

Realm
className="org.apache.catalina.realm.JNDIRealm"
debug="99"
connectionURL="ldap://ldap.company.com:3268"
authentication="simple"
referrals="follow"
connectionName="cn=LDAPUser,ou=Service Accounts,dc=company,dc=com"
connectionPassword="VerySecretPassword"
userSearch="(sAMAccountName={0})"
userBase="dc=company,dc=com"
userSubtree="true"
roleSearch="(member={0})"
roleName="cn"
roleSubtree="true"
roleBase="dc=company,dc=com"


Can anyone tell me which of these parameters are needed and is this solution for my problem?

Thanks,

0 votes

Permanent link
Matt Lavin
FORUM MODERATOR / JAZZ DEVELOPER (2.7k2) May 28 '09, 8:49 a.m.
Do your LDAP group names match the Jazz group names exactly?
(JazzAdmins, JazzUsers).

If the group names don't match the Jazz groups exactly you would need to
update the web.xml in the jazz.war file to handle the differences.
https://jazz.net/wiki/bin/view/Main/LDAP4Dummies should have more
details about that process.


-
Matt Lavin
Jazz Server Team


On Tue, 2009-05-26 at 15:23 +0000, milan.krivic wrote:
Hi,

I established connection to Microsoft Active Directory on Jazz Team
Server 1.0.1. I also accessed AD users, and added some of them to
Project Area as a members. I tried to log in with some of AD users,
but I couldn't! I read that I must configure Web Containter for LDAP
in Tomcat (server.xml), but I found different insructions about
parameters which must be configured:

Realm
className="org.apache.catalina.realm.JNDIRealm"
debug="99"
connectionURL="ldap://ldap.company.com:3268"
authentication="simple"
referrals="follow"
connectionName="cn=LDAPUser,ou=Service
Accounts,dc=company,dc=com"
connectionPassword="VerySecretPassword"
userSearch="(sAMAccountName={0})"
userBase="dc=company,dc=com"
userSubtree="true"
roleSearch="(member={0})"
roleName="cn"
roleSubtree="true"
roleBase="dc=company,dc=com"


Can anyone tell me which of these parameters are needed and is this
solution for my problem?

Thanks,

0 votes

Your answer

Register or log in to post your answer.

Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.

Ask a question
Guidelines
FAQ
Search context
Follow this question

By Email: 

Once you sign in you will be able to subscribe for any updates here.

By RSS:

Answers
Answers and Comments
Question details

Question asked: May 26 '09, 10:47 a.m.

Question was seen: 7,086 times

Last updated: May 26 '09, 10:47 a.m.

Confirmation Cancel Confirm