Format of LDAP Server "Group Member Property"


Robin Bobbitt (59679) | asked Aug 20 '09, 11:13 p.m.
I'm trying to configure my jazz server to use Apache Directory Server. I believe I've gotten to the point where, when I try to log into the Jazz server, the user id authenticates successfully, but then it appears that the user is not part of any Jazz groups. I suspect that I'm not properly setting the "Group Member Property". The attribute used to identify members is "uniquemember", and the value is e.g. "uid=jsmith". This would lead me to believe that the Group Member Property needs to be "uniquemember=uid", such that the resulting property in teamserver.properties is:
com.ibm.team.repository.ldap.findGroupsForUserQuery=uniquemember\=uid\={USER-DN}
I suspect I'm wrong here though, given that all the examples in the doc indicate that I should just be specifying "uniquemember" for Group Member Property, and when I try to test the connection with "uniquemember=uid" I get a warning that no such attribute exists. Just using "uniquemember" passes the connection test, but then doesn't work. Ideally I would just turn on logging in log4j.properties and see what query is being used against my ldap server, but I'm not having any luck turning on DEBUG either. Setting log4j.logger.com.ibm.team.repository.service.internal.userregistry.ldap.LDAPUserRegistry to DEBUG doesn't give me any ldap-related entries in the log. Nor does setting log4j.rootLogger to DEBUG.

I am using build rtc.200x.integration I20090814-1409.

Any suggestions for what to try next would be greatly appreciated. Thanks!
Robin

3 answers



Balaji Krish (1.8k12) | answered Aug 21 '09, 4:08 p.m.
JAZZ DEVELOPER
Robin,

Unfortunately there is no easy way to fix your issue. We are assuming that the membership information would be collected using the following format:

uniquemember: {dn of the user}

For e.g. uniquemember: uid=jsmith,ou=people,dc=jazz,dc=net

This problem is described in https://jazz.net/jazz/resource/itemName/com.ibm.team.workitem.WorkItem/89980

I believe you are using a simple objectclass like groupOfNames / groupOfUniqueNames. In these schemas, the uniquemember property can take any text. To get around this problem, you need to have 2 entries in the LDAP group.

uniquemember: jsmith
uniquemember: uid=jsmith,ou=people,dc=jazz,dc=net


--- Balaji
Jazz Server Team

Balaji Krish (1.8k12) | answered Aug 25 '09, 10:57 a.m.
JAZZ DEVELOPER
We added support for fetching the groups of a user using their user id.

We now support 2 formats:
member={USER-DN}
memberuid={USER-ID}

where member and memberuid are attributes in LDAP to represent the membership

--- Balaji
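
An added example (not part of the original thread and not Jazz's own code): an in-memory model of how a findGroupsForUserQuery template with {USER-DN} or {USER-ID} expands into a search filter, and why a group that lists only "uid=jsmith" is not returned for a full-DN query. The group names, the normalize helper and the matching logic are assumptions made for illustration; on a real server the directory performs the match.

```python
import re

# Constructed sample directory: group DN -> {attribute: [values]}.
GROUPS = {
    "cn=JazzUsers,ou=groups,dc=jazz,dc=net": {
        "uniquemember": ["uid=jsmith"]},  # RDN only, as in the question
    "cn=JazzAdmins,ou=groups,dc=jazz,dc=net": {
        "uniquemember": ["uid=jsmith,ou=people,dc=jazz,dc=net"]},  # full DN
    "cn=JazzGuests,ou=groups,dc=jazz,dc=net": {
        "memberuid": ["jsmith"]},  # bare user id
}
USER_DN = "uid=jsmith,ou=people,dc=jazz,dc=net"
USER_ID = "jsmith"

_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\0": r"\00"}

def escape_filter_value(value):
    """Escape a value for an LDAP search filter (RFC 4515)."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)

def build_group_filter(template, user_dn, user_id):
    """Expand {USER-DN} / {USER-ID} in a query template into a filter."""
    values = {"USER-DN": user_dn, "USER-ID": user_id}
    body = re.sub(r"\{(USER-DN|USER-ID)\}",
                  lambda m: escape_filter_value(values[m.group(1)]), template)
    return f"({body})"

def normalize(value):
    """Simplified match key: lower-case, no spaces around ',' or '='."""
    return re.sub(r"\s*([,=])\s*", r"\1", value.strip()).lower()

def groups_for_user(groups, template, user_dn, user_id):
    """Group DNs whose membership attribute equals the expanded value."""
    attr, _, placeholder = template.partition("=")
    wanted = normalize({"{USER-DN}": user_dn, "{USER-ID}": user_id}[placeholder])
    return sorted(dn for dn, entry in groups.items()
                  if any(normalize(v) == wanted for v in entry.get(attr, [])))

if __name__ == "__main__":
    for tpl in ("uniquemember={USER-DN}", "memberuid={USER-ID}"):
        print(build_group_filter(tpl, USER_DN, USER_ID), "->",
              groups_for_user(GROUPS, tpl, USER_DN, USER_ID))
```

In teamserver.properties the "=" inside the query value is written as "\=", as in the question; the templates above are the value after that properties escaping is removed.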

Lakshmi Sunanda T (6) | answered Sep 10 '09, 3:28 a.m.
Hello,

It is not very clear to me how can I configure the LDAP settings in Rational Team Concert if I have the different domains located in different geographical locations.
I.e. I have team members in Germany, NA and India and I have to configure LDAP for all these domain users, where the LDAP for all these locations are different. Please give a hint how can I configure.

Thank you
