Can JazzUsers be set to any authenticated user?
We want to use RTC to manage support requests. It is painful and unintuitive to require users to first be added to an ldap group before being able to login. It is not practical to constantly update an ldap group with employees daily. Is there a way to set the JazzUsers setting to be any authenticated user? We are on RTC 5.0.2 right now.
Accepted answer
If you are using WAS as the application server, the easiest way is to map the "all authenticated in application realm" special subject to the security role "JazzUsers", rather than map users and/or groups to the role.
https://www-01.ibm.com/support/knowledgecenter/SSAW57_8.5.5/com.ibm.websphere.nd.doc/ae/usec_tselugrad.html
Note that this contradicts to the CLM configuration document where it says "Do not enable the All authenticated? option". But if this is what you want, why not?
http://www-01.ibm.com/support/knowledgecenter/SSCP65_5.0.1/com.ibm.jazz.install.doc/topics/t_deploy_was.html
The version of RTC should not matter in this case.
https://www-01.ibm.com/support/knowledgecenter/SSAW57_8.5.5/com.ibm.websphere.nd.doc/ae/usec_tselugrad.html
Note that this contradicts to the CLM configuration document where it says "Do not enable the All authenticated? option". But if this is what you want, why not?
http://www-01.ibm.com/support/knowledgecenter/SSCP65_5.0.1/com.ibm.jazz.install.doc/topics/t_deploy_was.html
The version of RTC should not matter in this case.
Comments
Awesome, thanks Donald. This seems to be working for me. A coworker and I noticed that RTC v6 seems to be pre-importing everyone they find in the associated ldap groups. Any chance this would end up importing our entire user directory? :/
That's quite unexpected. If there are more than 500 users for a group, not "everybody" will be imported, as JTS should retrieve 500 users at most - this is controlled by the JTS advanced property Max Number of Entries Returned from User Search.