Problem configuring RRCS V1.0.0.1 to use Active Directory
Hi,
I was trying to configure RRCS to use company AD. I followed the steps in http://jazz.net/library/LearnItem.jsp?href=content/techtips/jazz-team-server-1_0-user-management-in-tomcat/index.html but it didn't pass the "Test LDAP connection" stage.
Here is what was done:
When clicking on the "Test Connection" button, I kept getting error "The group member property 'member' is not present in the LDAP registry".
Has anyone run into this situation?
Here is the Realm I created for Tomcat:
Also, I also tried using Tivoli Directory server and got the similar error message although the Realm parameters are different.
Using a LDAP browser, I can see that "member" property indeed exists.
Thanks in advance,
leiz
I was trying to configure RRCS to use company AD. I followed the steps in http://jazz.net/library/LearnItem.jsp?href=content/techtips/jazz-team-server-1_0-user-management-in-tomcat/index.html but it didn't pass the "Test LDAP connection" stage.
Here is what was done:
- create a Realm for the AD so that Tomcat uses it for authentication
I created the 4 Jazzxxxx groups in AD so that I don't need to modify web.xml as in TechTip TN0030.
Start server
login to https://localhost:9443/jazz/setup
Click next and select "LDAP" on "Setup user Registry" page
Fill in all the parameters
When clicking on the "Test Connection" button, I kept getting error "The group member property 'member' is not present in the LDAP registry".
Has anyone run into this situation?
Here is the Realm I created for Tomcat:
<Realm>
Also, I also tried using Tivoli Directory server and got the similar error message although the Realm parameters are different.
Using a LDAP browser, I can see that "member" property indeed exists.
Thanks in advance,
leiz
5 answers
Hi, here is some information that might help:
http://jazz.net/library/techtip/92
Thanks,
Mark
Thanks for the response Mark. But that is exactly the document that I used for my installation and was having problem to complete.
I have a feeling that the problem lies in the way Jazz figures out the group search filters for LDAP.
If there is a way to turn on/access the debug logging of the setup wizard, I'd be able to see what is exactly the problem and may be able to go forward.
Any other ideas?
leiz
Here is the RTC documentation,
http://publib.boulder.ibm.com/infocenter/rtc/v2r0m0/index.jsp?topic=/com.ibm.team.install.doc/topics/c_plan_identity_management.html
This appears to largely reflect what is in the tech tip above.
Another link I found that might have useful examples is on the wiki:
https://jazz.net/wiki/bin/view/Main/LDAP4Dummies#Configure_Web_Container_for_LDAP
http://publib.boulder.ibm.com/infocenter/rtc/v2r0m0/index.jsp?topic=/com.ibm.team.install.doc/topics/c_plan_identity_management.html
This appears to largely reflect what is in the tech tip above.
Another link I found that might have useful examples is on the wiki:
https://jazz.net/wiki/bin/view/Main/LDAP4Dummies#Configure_Web_Container_for_LDAP
Hi, here is some information that might help:
http://jazz.net/library/techtip/92
Thanks,
Mark
Thanks for the response Mark. But that is exactly the document that I used for my installation and was having problem to complete.
I have a feeling that the problem lies in the way Jazz figures out the group search filters for LDAP.
If there is a way to turn on/access the debug logging of the setup wizard, I'd be able to see what is exactly the problem and may be able to go forward.
Any other ideas?
leiz
We are configuring LDAP on RRC 2.0.0.1 and see the same warning related to groups. Rather than binding the jazz groups to LDAP, is there a way to simply import the accounts and allow the jazz admin to control the group access?
I attempted to complete the setup despite theis warning, but getting an invalid userid/password upon login with an imported LDAP user. Would this be related to the group binding (or lack of)?
Thanks,
Ben
We are configuring LDAP on RRC 2.0.0.1 and see the same warning related to groups. Rather than binding the jazz groups to LDAP, is there a way to simply import the accounts and allow the jazz admin to control the group access?
I attempted to complete the setup despite theis warning, but getting an invalid userid/password upon login with an imported LDAP user. Would this be related to the group binding (or lack of)?
Thanks,
Ben
We did not run into warnings during the LDAP setup.
However, we are facing the same error upon logging in with any LDAP user in one of our two main groups (we have "users" and "admins" groups). As a member of the admin group, I'm able to log into RRC successfully.
I can set up the connection in RRC, tell it to validate the URL, and click OK to save the connection. It does not have a problem with this. When trying to open the repository, thought, the users get an error. The error displayed in the RRC client when trying to open the repository is "CRRRC2283E The repository connection has failed." It won't display the projects we have in the repository. The users are members of the project and have been assigned either author or reviewer licenses.
I haven't found a hit for this error on the support sites yet. Any ideas?