JazzUsers Permission - Serious Problem!
Hi,
We have a serious problem! We are connected to LDAP user registry! We mapped JAZZ group JazzUsers to several LDAP groups (JazzUsers=JAZZ FIN USERS;JAZZ CAR USERS). When we make RTC Repository Connection with LDAP user who is, for example, in JAZZ FIN USERS group, in Jazz Web UI or in RTC client, we see that user with permission JazzUsers.
When that user want to make his own Repository Worskpace in RTC client, he get following message:
Problem
Permission denied during "Unknown Operation".
The user "s30daad" is not authorized to perform the operation. The "JazzUsers" role is required to perform this operation.
When we map mentioned LDAP groups to JazzAdmins group, we have not this problem!
Why this is happening?
Please, I would like answer ASAP, because this is the only thing which slow up us in configuring Jazz with LDAP...
Thanks,
We have a serious problem! We are connected to LDAP user registry! We mapped JAZZ group JazzUsers to several LDAP groups (JazzUsers=JAZZ FIN USERS;JAZZ CAR USERS). When we make RTC Repository Connection with LDAP user who is, for example, in JAZZ FIN USERS group, in Jazz Web UI or in RTC client, we see that user with permission JazzUsers.
When that user want to make his own Repository Worskpace in RTC client, he get following message:
Problem
The user "s30daad" is not authorized to perform the operation. The "JazzUsers" role is required to perform this operation.
When we map mentioned LDAP groups to JazzAdmins group, we have not this problem!
Why this is happening?
Please, I would like answer ASAP, because this is the only thing which slow up us in configuring Jazz with LDAP...
Thanks,
9 answers
Are you running under Tomcat or WAS? Have you tried using only a single
JazzUser group instead of two, just to see if that's the problem?
-
Matt Lavin
Jazz Server Team
On Mon, 2009-06-01 at 15:07 +0000, milan.krivic wrote:
JazzUser group instead of two, just to see if that's the problem?
-
Matt Lavin
Jazz Server Team
On Mon, 2009-06-01 at 15:07 +0000, milan.krivic wrote:
Hi,
We have a serious problem! We are connected to LDAP user registry! We
mapped JAZZ group JazzUsers to several LDAP groups (JazzUsers=JAZZ
FIN USERS;JAZZ CAR USERS). When we make RTC Repository Connection
with LDAP user who is, for example, in JAZZ FIN USERS group, in Jazz
Web UI or in RTC client, we see that user with permission JazzUsers.
When that user want to make his own Repository Worskpace in RTC
client, he get following message:
Problem
Permission denied during "Unknown Operation".
The user "s30daad" is not authorized to perform the
operation. The "JazzUsers" role is required to perform this
operation.
When we map mentioned LDAP groups to JazzAdmins group, we have not
this problem!
Why this is happening?
Please, I would like answer ASAP, because this is the only thing which
slow up us in configuring Jazz with LDAP...
Thanks,
I am running Jazz under Tomcat! I haven't tried to use only a single group. Thanks for your suggestion! I will try it tomorrow and I will write a result to this thread!
P.S. If you have any other suggestion, write please!
Regards,
P.S. If you have any other suggestion, write please!
Regards,
Are you running under Tomcat or WAS? Have you tried using only a single
JazzUser group instead of two, just to see if that's the problem?
-
Matt Lavin
Jazz Server Team
On Mon, 2009-06-01 at 15:07 +0000, milan.krivic wrote:
Hi,
We have a serious problem! We are connected to LDAP user registry! We
mapped JAZZ group JazzUsers to several LDAP groups (JazzUsers=JAZZ
FIN USERS;JAZZ CAR USERS). When we make RTC Repository Connection
with LDAP user who is, for example, in JAZZ FIN USERS group, in Jazz
Web UI or in RTC client, we see that user with permission JazzUsers.
When that user want to make his own Repository Worskpace in RTC
client, he get following message:
Problem
Permission denied during "Unknown Operation".
The user "s30daad" is not authorized to perform the
operation. The "JazzUsers" role is required to perform this
operation.
When we map mentioned LDAP groups to JazzAdmins group, we have not
this problem!
Why this is happening?
Please, I would like answer ASAP, because this is the only thing which
slow up us in configuring Jazz with LDAP...
Thanks,
Hi,
I have tried to use only a single jazz group. It works fine! But this problem with multiple groups doesn't work. I don't know is it funny or not, but when I map JazzUsers group to multiple LDAP groups (ex: JazzUsers=JAZZ
FIN USERS;JAZZ CAR USERS), LDAP users from group JAZZ CAR USERS can create their Repository Workspace, but for JAZZ FIN USERS, I get warning message which I mentioned (permission with role JazzUsers)...
Thanks,
regards,
I have tried to use only a single jazz group. It works fine! But this problem with multiple groups doesn't work. I don't know is it funny or not, but when I map JazzUsers group to multiple LDAP groups (ex: JazzUsers=JAZZ
FIN USERS;JAZZ CAR USERS), LDAP users from group JAZZ CAR USERS can create their Repository Workspace, but for JAZZ FIN USERS, I get warning message which I mentioned (permission with role JazzUsers)...
Thanks,
regards,
Are you running under Tomcat or WAS? Have you tried using only a single
JazzUser group instead of two, just to see if that's the problem?
-
Matt Lavin
Jazz Server Team
On Mon, 2009-06-01 at 15:07 +0000, milan.krivic wrote:
Hi,
We have a serious problem! We are connected to LDAP user registry! We
mapped JAZZ group JazzUsers to several LDAP groups (JazzUsers=JAZZ
FIN USERS;JAZZ CAR USERS). When we make RTC Repository Connection
with LDAP user who is, for example, in JAZZ FIN USERS group, in Jazz
Web UI or in RTC client, we see that user with permission JazzUsers.
When that user want to make his own Repository Worskpace in RTC
client, he get following message:
Problem
Permission denied during "Unknown Operation".
The user "s30daad" is not authorized to perform the
operation. The "JazzUsers" role is required to perform this
operation.
When we map mentioned LDAP groups to JazzAdmins group, we have not
this problem!
Why this is happening?
Please, I would like answer ASAP, because this is the only thing which
slow up us in configuring Jazz with LDAP...
Thanks,
Hi,
We are connected to LDAP user registry! We mapped JAZZ group JazzAdmins and JazzUsers to LDAP groups JazzAdmins=TestTACAdmin92 and JazzUsers=TestTACUser94.We have no problem loggin in. But when a person in JazzUser group tries to save a workitem, an exception is thrown with msg,
The user "<user>" is not authorized to perform the operation. The "JazzUsers" role is required to perform this operation.
Note:This user is a member of the JazzUsers group.
Also we observed that a User in JazzAdmins group is able to save a workitem.
Can anyone help me on this asap.
Thanks in advance,
Mala
We are connected to LDAP user registry! We mapped JAZZ group JazzAdmins and JazzUsers to LDAP groups JazzAdmins=TestTACAdmin92 and JazzUsers=TestTACUser94.We have no problem loggin in. But when a person in JazzUser group tries to save a workitem, an exception is thrown with msg,
The user "<user>" is not authorized to perform the operation. The "JazzUsers" role is required to perform this operation.
Note:This user is a member of the JazzUsers group.
Also we observed that a User in JazzAdmins group is able to save a workitem.
Can anyone help me on this asap.
Thanks in advance,
Mala
Hi,
We are connected to LDAP user registry! We mapped JAZZ group JazzAdmins and JazzUsers to LDAP groups JazzAdmins=TestTACAdmin92 and JazzUsers=TestTACUser94.We have no problem loggin in. But when a person in JazzUser group tries to save a workitem, an exception is thrown with msg,
The user "<user>" is not authorized to perform the operation. The "JazzUsers" role is required to perform this operation.
Note:This user is a member of the JazzUsers group.
Also we observed that a User in JazzAdmins group is able to save a workitem.
Can anyone help me on this asap.
Thanks in advance,
Mala
We are connected to LDAP user registry! We mapped JAZZ group JazzAdmins and JazzUsers to LDAP groups JazzAdmins=TestTACAdmin92 and JazzUsers=TestTACUser94.We have no problem loggin in. But when a person in JazzUser group tries to save a workitem, an exception is thrown with msg,
The user "<user>" is not authorized to perform the operation. The "JazzUsers" role is required to perform this operation.
Note:This user is a member of the JazzUsers group.
Also we observed that a User in JazzAdmins group is able to save a workitem.
Can anyone help me on this asap.
Thanks in advance,
Mala
Hi Mala,
I had the same problem. I suggest you to try to map JAZZ group "JazzUsers" to only one LDAP group, I think it should work!
Another thing, I also noticed that when I map JAZZ group "JazzUsers" to two LDAP groups, members from second group can do everything, but from first LDAP group get warning message for "JazzUsers" what you mentioned!
I hope this will help!
I had the same problem. I suggest you to try to map JAZZ group "JazzUsers" to only one LDAP group, I think it should work!
Another thing, I also noticed that when I map JAZZ group "JazzUsers" to two LDAP groups, members from second group can do everything, but from first LDAP group get warning message for "JazzUsers" what you mentioned!
I hope this will help!
Hi,
We are connected to LDAP user registry! We mapped JAZZ group JazzAdmins and JazzUsers to LDAP groups JazzAdmins=TestTACAdmin92 and JazzUsers=TestTACUser94.We have no problem loggin in. But when a person in JazzUser group tries to save a workitem, an exception is thrown with msg,
The user "<user>" is not authorized to perform the operation. The "JazzUsers" role is required to perform this operation.
Note:This user is a member of the JazzUsers group.
Also we observed that a User in JazzAdmins group is able to save a workitem.
Can anyone help me on this asap.
Thanks in advance,
Mala
Oh, yeah, I see now, I haven't read good, my apologize!
Maybe there is a problem in fileweb.xml which is located in ...\server\tomcat\webapps\jazz\WEB-INF
If your LDAP groups are different from Jazz groups, then you must configure this file. Also, when you log in to Jazz Server as Admin, make sure that user who have warning about missing JazzUsers permission, his checkbox is checked unter JazzUsers!
If you mapped JazzUsers to only one LDAP group, just check the web.xml. I didn't have any problems with one-to-one group mapping.
Maybe there is a problem in file
If your LDAP groups are different from Jazz groups, then you must configure this file. Also, when you log in to Jazz Server as Admin, make sure that user who have warning about missing JazzUsers permission, his checkbox is checked unter JazzUsers!
If you mapped JazzUsers to only one LDAP group, just check the web.xml. I didn't have any problems with one-to-one group mapping.
Thanks Milan,
But we have mapped JazzUsers to only one group.