Filter for SYNC LDAP User
HI,
Application CLM 3.0.1
Authentification LDAP
Webserver TOMCAT
System Windows 2008
We have 2 projects and each project in a own instance. And we do not want to have all users in both instances.
Idea.
On LDAP assign the users to a group ProjectA and/or ProjectB and configure the instances that only the users with the assigned group are synced by the nightly process.
Is this possible and how.
Application CLM 3.0.1
Authentification LDAP
Webserver TOMCAT
System Windows 2008
We have 2 projects and each project in a own instance. And we do not want to have all users in both instances.
Idea.
On LDAP assign the users to a group ProjectA and/or ProjectB and configure the instances that only the users with the assigned group are synced by the nightly process.
Is this possible and how.
3 answers
Hi,
you could have two groups of JazzUsers in LDAP. Each RTC Server would have to be configured to use its own group in the LDAP group mapping in its JTS. Two JTS would be required.
However, it does not matter, if a user is available on the server, as long as the user has no role in the project, it is possible to not allow access.
Could you explain, what the rationale behind the question is, to help understanding the request better?
you could have two groups of JazzUsers in LDAP. Each RTC Server would have to be configured to use its own group in the LDAP group mapping in its JTS. Two JTS would be required.
However, it does not matter, if a user is available on the server, as long as the user has no role in the project, it is possible to not allow access.
Could you explain, what the rationale behind the question is, to help understanding the request better?
Hi,
I have one LDAP server where all users are hosted in the same OU. I have setup 2 full installations of CLM 3.0.1 i.e. 2 JTS.
I do not want to sync all users into both JTS. I want only the users working in the project into the correct JTS.
Also I have users working in both projects. So one workaround is to get 2 different OU's and give this users 2 logins. For each JTS one.
The idea is to create 2 groups on LDAP and assign the users to the responding group for their project.
So I am looking for a possibility to filter the users for the right project.
I have one LDAP server where all users are hosted in the same OU. I have setup 2 full installations of CLM 3.0.1 i.e. 2 JTS.
I do not want to sync all users into both JTS. I want only the users working in the project into the correct JTS.
Also I have users working in both projects. So one workaround is to get 2 different OU's and give this users 2 logins. For each JTS one.
The idea is to create 2 groups on LDAP and assign the users to the responding group for their project.
So I am looking for a possibility to filter the users for the right project.
Hi,
as far as I know you
- can create separate user/group mappings e.g. user1 is in JazzUsers1 and User2 in JazzUsers2 to use the respective group mapping in the LDAP configuration of server 1 and server 2. Server 1 would only sync in JazzUsers1, Server 2 JazzUsers2. The server does not/can not know about who belongs to which project other than you make it detectable using different LDAP groups. Specifying the correct group in the LDAP group mapping would do the trick.
- Can switch off automatic synchronization and add the users manually
You can also look into https://jazz.net/jazz/web/projects/Jazz%20Foundation#action=com.ibm.team.workitem.viewWorkItem&id=170818 and if it fits your need add your case. If not you can search for a better fit or create a work item for your case.
as far as I know you
- can create separate user/group mappings e.g. user1 is in JazzUsers1 and User2 in JazzUsers2 to use the respective group mapping in the LDAP configuration of server 1 and server 2. Server 1 would only sync in JazzUsers1, Server 2 JazzUsers2. The server does not/can not know about who belongs to which project other than you make it detectable using different LDAP groups. Specifying the correct group in the LDAP group mapping would do the trick.
- Can switch off automatic synchronization and add the users manually
You can also look into https://jazz.net/jazz/web/projects/Jazz%20Foundation#action=com.ibm.team.workitem.viewWorkItem&id=170818 and if it fits your need add your case. If not you can search for a better fit or create a work item for your case.