It's all about the answers!

Ask a question
QuestionsTagsUsersBadges
Follow this question
Question details

×42,810

question asked: Aug 11 '11, 5:45 a.m.
question was seen: 4,559 times
last updated: Aug 11 '11, 5:45 a.m.

Related questions

FAQ - How this Forum works

Filter for SYNC LDAP User

0
Torsten Welk (341710) | asked Aug 11 '11, 5:45 a.m.
HI,

Application CLM 3.0.1
Authentification LDAP
Webserver TOMCAT
System Windows 2008

We have 2 projects and each project in a own instance. And we do not want to have all users in both instances.

Idea.
On LDAP assign the users to a group ProjectA and/or ProjectB and configure the instances that only the users with the assigned group are synced by the nightly process.
Is this possible and how.

3 answers

Most liked answers ↑|Newest answers|Oldest answers

0
permanent link
Ralph Schoon (63.2k33646) | answered Aug 11 '11, 3:58 p.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER
Hi,

you could have two groups of JazzUsers in LDAP. Each RTC Server would have to be configured to use its own group in the LDAP group mapping in its JTS. Two JTS would be required.

However, it does not matter, if a user is available on the server, as long as the user has no role in the project, it is possible to not allow access.

Could you explain, what the rationale behind the question is, to help understanding the request better?
0
permanent link
Torsten Welk (341710) | answered Aug 12 '11, 6:10 a.m.
Hi,

I have one LDAP server where all users are hosted in the same OU. I have setup 2 full installations of CLM 3.0.1 i.e. 2 JTS.

I do not want to sync all users into both JTS. I want only the users working in the project into the correct JTS.

Also I have users working in both projects. So one workaround is to get 2 different OU's and give this users 2 logins. For each JTS one.

The idea is to create 2 groups on LDAP and assign the users to the responding group for their project.

So I am looking for a possibility to filter the users for the right project.
0
permanent link
Ralph Schoon (63.2k33646) | answered Aug 12 '11, 6:23 a.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER
Hi,

as far as I know you

- can create separate user/group mappings e.g. user1 is in JazzUsers1 and User2 in JazzUsers2 to use the respective group mapping in the LDAP configuration of server 1 and server 2. Server 1 would only sync in JazzUsers1, Server 2 JazzUsers2. The server does not/can not know about who belongs to which project other than you make it detectable using different LDAP groups. Specifying the correct group in the LDAP group mapping would do the trick.

- Can switch off automatic synchronization and add the users manually


You can also look into https://jazz.net/jazz/web/projects/Jazz%20Foundation#action=com.ibm.team.workitem.viewWorkItem&id=170818 and if it fits your need add your case. If not you can search for a better fit or create a work item for your case.

Your answer

Register or to post your answer.


Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.