Installing RTC on WAS and DB2, with corporate LDAP
I have recently installed RTC 3.0 on WAS and DB2, using a corporate LDAP for authentication. The RTC server is running Windows Server 2008. The following steps appear to be necessary in getting this to work, but are not noted in the installation instructions. If anyone would like to offer corrections, I would love to learn a better way; otherwise, there are a few bug fixes required in both the RTC code and the installation documentation.
1. There is one setting missing from the instructions and the sample jts/teamserver.properties file. As well as the changes that are noted in the installation instructions, also add this:
com.ibm.team.repository.server.jts.url=https\://<Server>\:9443/jts
(For details, see http://jazz.net/forums/viewtopic.php?t=14840 )
2. I don't have write permission to my corporate LDAP database; changes are made by requesting them. The JTS install seems to expect write permission. After completing the LDAP setup on page 5 of the JTS setup, it complains that it cannot add the new ID. I assume this is the administrative ID. Click the "next" button (it might execute something important), but don't be surprised when it gives a warning instead of taking you to page 6. Here, after testing the LDAP settings with the test button, I manually changed the URL page number from 5 to 6, and loaded the next page that way.
3. When running JTS setup, do not add the CCM program until the setup has completed once. Adding the CCM program complained that it did not have a valid administrative ID, but after the JTS install completes, it seems to create an ID that works. (Later, you can return to the setup and add the CCM program.) The first time through, I removed CCM from the "register applications" list before clicking "next" on that page.
4. After JTS installation completes the first time, add a user for your account; otherwise it asks you to log in with the ADMIN ID and generally has strange behaviour. Be sure to give yourself a Developer license (so you can install the default process templates). After adding this ID, you can return to the start of JTS setup and page through. The "next" button should work on the LDAP setup page this time. When you get to page 6, you can now register the CCM application, and use the "next" button to go through the CCM setup.
1. There is one setting missing from the instructions and the sample jts/teamserver.properties file. As well as the changes that are noted in the installation instructions, also add this:
com.ibm.team.repository.server.jts.url=https\://<Server>\:9443/jts
(For details, see http://jazz.net/forums/viewtopic.php?t=14840 )
2. I don't have write permission to my corporate LDAP database; changes are made by requesting them. The JTS install seems to expect write permission. After completing the LDAP setup on page 5 of the JTS setup, it complains that it cannot add the new ID. I assume this is the administrative ID. Click the "next" button (it might execute something important), but don't be surprised when it gives a warning instead of taking you to page 6. Here, after testing the LDAP settings with the test button, I manually changed the URL page number from 5 to 6, and loaded the next page that way.
3. When running JTS setup, do not add the CCM program until the setup has completed once. Adding the CCM program complained that it did not have a valid administrative ID, but after the JTS install completes, it seems to create an ID that works. (Later, you can return to the setup and add the CCM program.) The first time through, I removed CCM from the "register applications" list before clicking "next" on that page.
4. After JTS installation completes the first time, add a user for your account; otherwise it asks you to log in with the ADMIN ID and generally has strange behaviour. Be sure to give yourself a Developer license (so you can install the default process templates). After adding this ID, you can return to the start of JTS setup and page through. The "next" button should work on the LDAP setup page this time. When you get to page 6, you can now register the CCM application, and use the "next" button to go through the CCM setup.
2 answers
Michael,
1. You should not add the jts url first, this should be done by the registration process. This will cause you problems if you do.
2. This is expected, you normally do not have write access to the LDAP directory, the users shown in the Register Applications screen are the defaults, if you use LDAP you need to put actual LDAP userid's in those fields (aka the one you added in step 6) you can update this later with a service account from LDAP if you don't have one yet.
3&4 Not sure I understand but, if you selected to disable ADMIN you need to logout, at that point and resume as your new user, this is also expected.
-Sean
1. You should not add the jts url first, this should be done by the registration process. This will cause you problems if you do.
2. This is expected, you normally do not have write access to the LDAP directory, the users shown in the Register Applications screen are the defaults, if you use LDAP you need to put actual LDAP userid's in those fields (aka the one you added in step 6) you can update this later with a service account from LDAP if you don't have one yet.
3&4 Not sure I understand but, if you selected to disable ADMIN you need to logout, at that point and resume as your new user, this is also expected.
-Sean
1. You should not add the jts url first, this should be done by the registration process. This will cause you problems if you do.
If I don't add it, then the first page of the setup (configure the public URI) shows "Loading configuration settings..." and never allows me to continue with the setup. Other people have had the same problem (e.g. the thread noted above). Setting this variable fixes that problem. Can you suggest a better solution? Having used this workaround, what sort of new problems should I be looking out for?
2. This is expected, you normally do not have write access to the LDAP directory, the users shown in the Register Applications screen are the defaults, if you use LDAP you need to put actual LDAP userid's in those fields (aka the one you added in step 6) you can update this later with a service account from LDAP if you don't have one yet.
If it's expected, then either the "Next" button should take you to the next configuration page (i.e. function normally) when pressed, or there should be a note in the configuration instructions about how to get around it, don't you think? The LDAP fields were all set correctly, and it verified as OK, but the Next button just kept reporting the warning that it couldn't create the ID, and returning to the same page.
3&4 Not sure I understand but, if you selected to disable ADMIN you need to logout, at that point and resume as your new user, this is also expected.
With point 3, if I added the CCM program the first time through, then it lets me get as far as the last CCM setup page, but then gives an error (I can't remember the exact text, but it basically said that the admin ID didn't work). The installation instructions don't say to log out and in again in the middle of the setup, and the installation hung at that point without enabling the finalize button for the last setup page. I found that completing the setup without adding the CCM program, then going around a second time to add it as described solved that problem.
With point 4, I found that although my Jazz account was in the admin group (so WAS allowed me to access the application) CCM gave me a message that I was not authorized to access the admin pages unless I had done a "create user" in the Jazz admin pages to add my own ID as an admin user. Just after the setup, when it goes to the admin pages, I was authorized to add myself as an admin user, and everything went fine. If I disconnected before doing this, then logging back in with my ID did not have authority. Perhaps waiting for the next LDAP synchronization would also have worked, but failing to add it before disconnecting that initial session locked me out of the setup.