It's all about the answers!

Ask a question

Correct group mapping in Jazz / JAS system

Dieter Paul (10311319) | asked Apr 18 '17, 6:31 a.m.

We are wondering were to configure the Group-Role-Mapping in a JAS system.



Central JAS system

2 (or more) separate Jazz environments

Same users in both environments, but users can have different permissions in these environments (e.g. JazzUser in environment-1, JazzPrjAdmin in environment-2)

There is a set of different access Groups (in MS AD) for each environment.


From all the documentation about JAS it seems, that the mapping must be configured in the “appConfig.xml” in JAS. But this mapping would not differ between separate Jazz environments.

There is also a group mapping configuration in the JTS (LDAP configuration). Until now we thought that this configuration is only for user import (e.g. nightly sync).


When talking with IBM (very short) about the above situation, they told us, that configuring the mapping in JTS is enough.

So we tried this and it seems that it is working.

In JAS I did not configure any special role mapping (did not change the default: e.g. JazzAdminsàJazzAdmins)


But now this is a configuration which is documented nowhere.

Does anyone know an official documentation how to configure JAS/Jazz group mapping for the above configuration?


Lonnie VanZandt commented Mar 25, 11:14 a.m.

Was it the case that the user.registry.type is left at UNSUPPORTED (implying JAS SSO) but that the server.xml still needs to include the ldapUserRegistry.xml (not, or in addition to, the basicUserRegistry file) so that Jazz CLM knows how to parse LDAP information which it should be seeing coming in from the JAS+LDAP systems?


Be the first one to answer this question!

Register or to post your answer.