Change authentication method from LDAP to Federated
Hello,
I use RTC 6.0.2 on Windows with WebSphere 8.5.5. Currently, the server is connected to an LDAP server:
url : ldap://firstLdapServer:389
user base : ou=people,dc=companyA,dc=com
I have a user TOM on my server
I would like to add to my server new users on a different LDAP server.
So I have decided to use Federated Repository on WAS.
I have added the first LDAP server and the second one to my WAS:
url : ldap://secondLdapServer:389
user base : ou=people,dc=companyB,dc=com
I have executed a new /jts/setup to disable the LDAP connection on the server and connect the user database to an external LDAP server.
Problem: TOM is also present on the second LDAP server!!!
So I have restricted the user base on each server. The first server is only used for administrators (TOM is not present) and the second server is used for users.
The configuration is :
url : ldap://firstLdapServer:389
user base : ou=admins,ou=people,dc=companyA,dc=com (TOM is not present)
url : ldap://secondLdapServer:389
user base : ou=people,dc=companyB,dc=com (TOM is present)
Note that there is no problem on WAS: in Manage Users, I see TOM only on the second LDAP server.
My problem: TOM can connect to Jazz with his password from the first LDAP server but not with the password from the second server...
Why? Have you got an idea? Thanks a lot
Regards
Mathieu
Comments
Donald Nong
Nov 09 '16, 7:06 p.m.
Can you run Wireshark on the server? Just capture the network traffic when TOM is logging in and you should be able to find out why. It is much easier than mucking around with the WAS configuration.
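Added example, not part of the original thread: a small decoder for the LDAP bind messages (RFC 4511) that such a capture on port 389 would contain, showing which DN a login is checked against and the result code the directory returns. The function names, the `uid=` naming attribute and the sample bytes are assumptions constructed for illustration; because a simple bind over `ldap://` carries the password in clear text, the decoder reports only the authentication type and never the credential.

```python
# Added example: decode LDAP BindRequest/BindResponse (RFC 4511) from a TCP
# payload taken out of a capture. Names and sample data here are hypothetical.
RESULT = {0: "success", 32: "noSuchObject", 49: "invalidCredentials"}

def read_tlv(buf, pos=0):
    """Return (tag, value, next_pos) for the BER TLV starting at pos."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        k = length & 0x7F
        length = int.from_bytes(buf[pos:pos + k], "big")
        pos += k
    if pos + length > len(buf):
        raise ValueError("truncated LDAP message")
    return tag, buf[pos:pos + length], pos + length

def describe(payload):
    """Summarise one LDAPMessage; the bind credential is never returned."""
    tag, msg, _ = read_tlv(payload)
    if tag != 0x30:
        raise ValueError("not an LDAPMessage SEQUENCE")
    _, msg_id, pos = read_tlv(msg)
    op, body, _ = read_tlv(msg, pos)
    out = {"id": int.from_bytes(msg_id, "big"), "op": "other"}
    if op == 0x60:  # BindRequest: version, name (DN), authentication choice
        _, _, p = read_tlv(body)
        _, dn, p = read_tlv(body, p)
        auth, _, _ = read_tlv(body, p)
        out.update(op="bindRequest", dn=dn.decode(),
                   auth="simple" if auth == 0x80 else "sasl")
    elif op == 0x61:  # BindResponse: resultCode comes first
        _, code, _ = read_tlv(body)
        code = int.from_bytes(code, "big")
        out.update(op="bindResponse", result=RESULT.get(code, str(code)))
    return out

# Constructed samples (not traffic from the poster's server); short-form lengths.
def tlv(tag, payload):
    return bytes([tag, len(payload)]) + payload

def sample_request(dn, password):
    body = tlv(0x02, b"\x03") + tlv(0x04, dn.encode()) + tlv(0x80, password)
    return tlv(0x30, tlv(0x02, b"\x01") + tlv(0x60, body))

def sample_response(code):
    body = tlv(0x0A, bytes([code])) + tlv(0x04, b"") + tlv(0x04, b"")
    return tlv(0x30, tlv(0x02, b"\x01") + tlv(0x61, body))

if __name__ == "__main__":
    print(describe(sample_request("uid=TOM,ou=people,dc=companyB,dc=com", b"x")))
    print(describe(sample_response(49)))
```

Comparing the server address and bind DN of each request against the two configured user bases shows which repository actually answered the login.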