It's all about the answers!

Ask a question

ldap user registry


Lior Peled (1714) | asked Jun 24 '18, 8:53 a.m.

 Hi,


I have an issue after enabling LDAP with Jazz CLM.
when I search in import users ,I see all the users in the active directory even if they are not part of the JazzUsers LDAP group I had created.
where is this import feature looks for users exactly?
the reason is that we have 2 users which are not a "normal" users and located in a different group in the active directory than the regular users and those 2 are not found in the import feature and they are not imported as well with the nightly sync, looks like they are completely ignored.
where exactly  in the active directory is this search defined?

2 answers



permanent link
Ralph Schoon (61.6k33643) | answered Jun 27 '18, 2:19 a.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER

If you see all users, then the group mapping does not work correctly. When you enable LDAP in the setup process, follow the tech note on the user registry setup page to test your mapping information. JTS and RTC as well as other applications use the same settings.


Comments
Lior Peled commented Jun 28 '18, 3:32 a.m.

thanks Ralph , where can I find the tech note on the user registry setup page you mentioned? 


Ralph Schoon commented Jun 28 '18, 3:50 a.m. | edited Jun 28 '18, 3:50 a.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER

Run /jts/setup, step to the user registry setup page, select LDAP and carefully read tat page. The link to the technote is on that page.


permanent link
Lior Peled (1714) | answered Jun 28 '18, 4:50 a.m.

 I found the instructions page but when I used the parameters suggested I still get all the users in the import wizard:

Active Directory:
  • User Filter: (&(sAMAccountName=%v)(objectclass=user)) - The User Filter field determines what part of the LDAP entry must match the logon ID of the user.
  • Group Filter: (&(cn=%v)(objectclass=group))
  • User ID Map: :displayName (or whatever you entered in Step 15)
  • Group ID Map: :cn
  • Group Member ID Map: memberof:member
  • Certificate Map Mode: EXACT_DN
  • Certificate Filter: leave clear

are these the right parameters?

Lior

Your answer


Register or to post your answer.