It's all about the answers!

Ask a question

LDAP struggle


Roman Smirak (3164933) | asked Mar 17 '08, 3:39 a.m.
Hi,

I successfully managed to re-integrate Jazz and corporate directory
since upgraded to M5a.

My impressions: I followed
https://jazz.net/wiki/bin/view/Main/RoleMigrationAndLdapConfiguration
1. The screenshot is probably out of date, isn't it?
2. Since we use MS Active directory there are different parameters
involved - I was confused by a parameter called "Find groups for user" - it
didn't allow any other option and I did know what to put in; therefore I
stuck to default value (but no idea if this is correct).
3. I noticed that it didn't change tomcat's server.xml - I had to configure
LDAP realm manually - did I miss something?

When and how is used LDAP config managed via Web UI Admin page?

Thanks,

Roman

2 answers



permanent link
Balaji Krish (1.8k12) | answered Mar 17 '08, 9:52 a.m.
JAZZ DEVELOPER
1. Yes, the screenshot is based off of M5 (We made several improvements in
M5a. We will update the screenshots)
2 FindGroupsforUser -> a query to find the groups for a particular user. You
need to specify a value of the form..
Attribute to represent membership of a group={USER-DN}

For e.g. is you use memberList attribute to add members to a group in LDAP
registry
memberList uid=balajik,dc=ibm.com
memberList uid=test,dc=ibm.com

you will set findgroupsForUser to member={USER-DN}

3. This is one of the inherent disadvantages with our LDAP story today. You
have to configure the LDAP config in the container as well
as Jazz. We are in the process of evaluating any feasible solution to
provide a simple solution to the customers.

----- Balaji

"Roman Smirak" <roman.smirak@tietoenator.com> wrote in message
news:frl77e$3kg$1@localhost.localdomain...
Hi,

I successfully managed to re-integrate Jazz and corporate directory
since upgraded to M5a.

My impressions: I followed
https://jazz.net/wiki/bin/view/Main/RoleMigrationAndLdapConfiguration
1. The screenshot is probably out of date, isn't it?
2. Since we use MS Active directory there are different parameters
involved - I was confused by a parameter called "Find groups for user" -
it didn't allow any other option and I did know what to put in; therefore
I stuck to default value (but no idea if this is correct).
3. I noticed that it didn't change tomcat's server.xml - I had to
configure LDAP realm manually - did I miss something?

When and how is used LDAP config managed via Web UI Admin page?

Thanks,

Roman

permanent link
Balaji Krish (1.8k12) | answered Mar 17 '08, 9:53 a.m.
JAZZ DEVELOPER
Today, you need to go to the advanced page to update the LDAP config
properties.

For M6, we are working on a wizard style LDAP config page.

---- Balaji

"Balaji Krish" <balajik@us.ibm-dot-com.no-spam.invalid> wrote in message
news:frlt25$d6r$1@localhost.localdomain...
1. Yes, the screenshot is based off of M5 (We made several improvements in
M5a. We will update the screenshots)
2 FindGroupsforUser -> a query to find the groups for a particular user.
You need to specify a value of the form..
Attribute to represent membership of a group={USER-DN}

For e.g. is you use memberList attribute to add members to a group in LDAP
registry
memberList uid=balajik,dc=ibm.com
memberList uid=test,dc=ibm.com

you will set findgroupsForUser to member={USER-DN}

3. This is one of the inherent disadvantages with our LDAP story today.
You have to configure the LDAP config in the container as well
as Jazz. We are in the process of evaluating any feasible solution to
provide a simple solution to the customers.

----- Balaji

"Roman Smirak" <roman.smirak@tietoenator.com> wrote in message
news:frl77e$3kg$1@localhost.localdomain...
Hi,

I successfully managed to re-integrate Jazz and corporate directory
since upgraded to M5a.

My impressions: I followed
https://jazz.net/wiki/bin/view/Main/RoleMigrationAndLdapConfiguration
1. The screenshot is probably out of date, isn't it?
2. Since we use MS Active directory there are different parameters
involved - I was confused by a parameter called "Find groups for user" -
it didn't allow any other option and I did know what to put in; therefore
I stuck to default value (but no idea if this is correct).
3. I noticed that it didn't change tomcat's server.xml - I had to
configure LDAP realm manually - did I miss something?

When and how is used LDAP config managed via Web UI Admin page?

Thanks,

Roman


Your answer


Register or to post your answer.


Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.