It's all about the answers!

Ask a question

Cannot be able to login with uid on Jazz Team Server


Ahmed Ahmed (48314) | asked Jul 04 '15, 4:30 a.m.
edited Jul 04 '15, 5:40 a.m.
 
Hello,

I have configured CLM 5.0.2 on WAS using LDAP as user authentication. I have some queries regarding this configuration and need your support and guidance.

1. When I login on Jazz Team server i cannot be able to login with uid. For example: uid = test1. But when i am going to use the detailed distinguished name (i.e. CN=users,CN=test1, dc=....,dc=....) i can easily login on JTS home. Kindly guide me how can i configure uid so that i can login?

2. After starting the WAS when i see the log file of system.out following error is shown:
SECJ0360E: Authentication failed for <user>  because multiple users matched the user. 
When i see my LDAP configuration i didn't see any multiple users.




Accepted answer


permanent link
Kevin Ramer (4.4k6158177) | answered Jul 06 '15, 12:20 p.m.
You need to go under "Advanced Lightweight Directory Access Protocol (LDAP) user registry settings"  after clicking the "Configure" button adjacent to the pulldown indicating the realm definition.

The property:
User ID map

will be the one that needs to be changed
Ahmed Ahmed selected this answer as the correct answer

Comments
Ahmed Ahmed commented Jul 07 '15, 4:36 a.m.

 Thanks Kevin...after configuring the said property my issue has been resolved.

2 other answers



permanent link
Rohit Balduwa (935310) | answered Jul 06 '15, 2:51 a.m.
Hello Aftab

The issue looks like the LDAP parameters passed in the Websphere and JTS/setup LDAP registry settings are not accurate to fetch the details. You need to ensure that the accurate LDAP parameters are defined.
Also, verify the security mappings defined for the application. Check the Bind and Base DN properties in WAS. Also verify the LDAP parameters defined in jts/setup, step6..
Steps to verify:
http://www-01.ibm.com/support/knowledgecenter/SSYMRC_5.0.2/com.ibm.jazz.install.doc/topics/t_instl_config_ldap_on_was.html?cp=SSYMRC_5.0.2&lang=en

To get accurate LDAP parameters, Install a third party software named: Softerra LDAP Browser and it will list you the parameters.
http://www-01.ibm.com/support/docview.wss?uid=swg21445366

If this answers your question please mark it as accepted.

Regards,
Rohit

Comments
Ahmed Ahmed commented Jul 06 '15, 11:55 a.m.

 i have configured the LDAP again. Now i am not getting the error of multiple users. But still i cannot i cannot be able to login with uid. I have to specify the full distinguished name for login. 


Bind Distinguished name is: CN=test,OU=ABC, dc=....,dc=...
uid=test
objectclass=person,organizational
cn=test
mail=test@test.com

In WAS , i am using custom type as ldap server,  primary administrative user and bind DN are the same. The test connection was successful. When i login on WAS admin console i have to specify the distinguished name as a login id. I want to login with uid i.e. test. How can i bind uid instead of DN?


permanent link
Donald Nong (14.3k213) | answered Jul 06 '15, 8:18 p.m.
Did you follow steps in any of the published documents? You need to make it clear so that others can help you. Here is a simple one that you can follow.
https://jazz.net/library/article/96
Step 6 under "WAS Setup" is the one that you need to pay attention to (as Kevin pointed out).

Your answer


Register or to post your answer.