It's all about the answers!

Ask a question

Random invalid users are getting created in RTC 6.0.6.1 ccm and jts


aastha khatri (22619) | asked Feb 01 '22, 5:54 a.m.
edited Feb 01 '22, 6:34 a.m. by Ralph Schoon (63.1k33645)
Recently we noticed that random invalid users are getting created in the repository. For example - below is one example.

Name                                                      User Id                                                   Email
Victor  & Tom providing fixes. Need released in
Victor  & Tom providing fixes. Need released in ‪Victor  & Tom providing fixes. Need released in

We are using LDAP as external registry and there is no such user present in LDAP as there is no valid email id above.
We are wondering how this user got created. Is there a way to debug this issue ? We as admins haven't added any such user.

One answer



permanent link
Ralph Schoon (63.1k33645) | answered Feb 01 '22, 6:40 a.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER
You need to share more information e.g. the app server you use, if you have set up the system to synchronize the LDAP users in, if you have set up federated Realm etc.

If you have a federated realm, the server might pick up additions to the local users files.

The documentation of the application server would tell you where user additions are tracked. You could check the the JTS and CCM logs. I would also consider to check with support.

Comments
aastha khatri commented Feb 01 '22, 6:55 a.m.
Hi Ralph,
Thanks for your quick response. We are using IBM bluegroups as ldap repo and ldap sync is enabled but LDAP doesn't have any such users. Application server used is Websphere Liberty. We don't use Federated realm. Actually I don't know when the users got created as it came to our notice recently so logs don't have any such information.
Also I had a doubt regarding user creation using RTC plain client libraries. Can a user with JAZZUser permission create user as we are suspecting if teams using automation are creating such users by mistake? My understanding is that only the JAZZAdmin can create users using RTC plain client libraries. Is that correct?

Ralph Schoon commented Feb 01 '22, 7:12 a.m. | edited Feb 01 '22, 7:13 a.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER
There are repotools to create users, you could try using the API to create users.

My understanding is that a user must have JazzAdmin repository role to create a user. API or UI should not be different.

I assume that the default user ADMIN/ADMIN has been disabled during setup.

If you use LDAP to manage the users, it should not be possible to create a user, only LDAP should be able to do so. Can you check if the create user button is available in the admin UI?

https://rsjazz.wordpress.com/2012/10/12/changing-the-jazz-user-id-using-the-rtc-plain-java-client-libraries/ describes a way to access user data and actually do changes, but would also require JazzAdmin.

I can not remember if I have heard of any case like this in the past.


Ralph Schoon commented Feb 01 '22, 7:30 a.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER
The Create User button should show and you should not be able to create a user. I am not sure if that could be circumvented using repotools or API:
The Create User button is disabled because the user registry is not writable. To create a new user, use the tools provided by the external user registry.

Your answer


Register or to post your answer.


Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.