It's all about the answers!

Ask a question
QuestionsTagsUsersBadges
Guidelines | FAQ
Follow this question
Question details

×42,844

question asked: Mar 05 '12, 9:43 a.m.
question was seen: 5,391 times
last updated: Mar 05 '12, 9:43 a.m.

Related questions

Problem with login case

0
Luca Martinucci (1.0k397112) | asked Mar 05 '12, 9:43 a.m.
Please help me solve this issue.
In our RTC environment there is a couple a duplicated user IDs.
They only differ in the case of the initial letter, say, e.g. a12345 and A12345.
We archived user A12345, which was created erroneously, and then we tried to log on with user a12345.
Sadly, after the login we get this message:

User A12345 is not authorized to access to the Jazz Team Server Admin UI.

It looks like RTC capitalizes the login and finds out that the user is archived; we tried to enable and disable the case-insensitive login, but nothing changed.
Have you ever faced such an issue?
RTC version is 3.0.1

Accepted answer

1
permanent link
Ralph Schoon (63.3k33646) | answered Mar 05 '12, 11:09 a.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER
Hi Luca,

you could contact support. I think that should not happen.

You can switch the Registry type to "Non-LDAP user registry" = UNSUPPORTED. If you do that you can change the user ID. But i would suggest to ask support first.
Luca Martinucci selected this answer as the correct answer

6 other answers

Most liked answers ↑|Newest answers|Oldest answers

0
permanent link
Ralph Schoon (63.3k33646) | answered Mar 05 '12, 10:46 a.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER
Hi,

I would like to suggest to check the case in LDAP do they match? I suspect RTC can not find the user in LDAP.
0
permanent link
Luca Martinucci (1.0k397112) | answered Mar 05 '12, 10:57 a.m.
Ralph, this is what happened:
1) user a12345 was initially created as an internal WAS user;
2) then (after 2 weeks) we enabled the LDAP authentication;
3) in LDAP the user case is A12345;
4) the first RTC-LDAP synchronization created a new user A12345 in RTC, because the login was set (by default) as case sensitive;
5) when we discovered the duplicated user, we archived A12345, enabled case insensitive login and then re-launched synchronization;
6) synchronization updated, correctly, a12345 (I am sure of that because it changed his fullname);
7) now, unluckily, it looks like RTC is mixing up the 2 users.
If I try to login to ccm/web with user a12345 (by providing the LDAP password), the authentication succeeds, but then I get the message:

You are not authorized to view this page

and, in ccm.log,

CRJAZ1184W Authentication attempt from archived user: A12345

That's why I suspect RTC is mixing up the 2 user profiles.
Even if I switch back to case sensitive login I get the same, indentical error messages.
0
permanent link
Luca Martinucci (1.0k397112) | answered Mar 06 '12, 5:42 a.m.
I followed your suggestion, and it worked.
This is a good workaround, but I have also opened a Service Request in order to investigate the issue.
Thank you.
0
permanent link
Guido Schneider (3.4k1491115) | answered Mar 06 '12, 2:44 p.m.
5) when we discovered the duplicated user, we archived A12345, enabled case insensitive login and then re-launched synchronization;


Can you tell how you have set jazz/RTC to be case-insensitiv? I'm not aware of this possibility.

Or have you only set the LDAP login to be case insensitive? This would end in troubles where the user can login on LDAP, but in jazz the user id is not found. We have this problem with Active Directory which is case-insensitive, but jazz is. If users are not exactly typing in the correct case, they get authorized at the logon box, but get within jazz/RTC some strange errors or authorization faults.

(@IBM: Who the hell had the idea to make an userid case-sensitive. This is from last century)
0
permanent link
Luca Martinucci (1.0k397112) | answered Mar 07 '12, 4:15 a.m.
5) when we discovered the duplicated user, we archived A12345, enabled case insensitive login and then re-launched synchronization;


Can you tell how you have set jazz/RTC to be case-insensitiv? I'm not aware of this possibility.

Or have you only set the LDAP login to be case insensitive? This would end in troubles where the user can login on LDAP, but in jazz the user id is not found. We have this problem with Active Directory which is case-insensitive, but jazz is. If users are not exactly typing in the correct case, they get authorized at the logon box, but get within jazz/RTC some strange errors or authorization faults.

(@IBM: Who the hell had the idea to make an userid case-sensitive. This is from last century)

Actually, I changed nothing in LDAP.
The login case can be set from the jts/admin console.
Open Server->Advanced Properties and look for the property Use case insensitive user ID matching; its default value is false, but you can set it to true.
0
permanent link
Lawrence . (59512) | answered Apr 16 '12, 4:46 a.m.
Defect
Jazz /RTC Authentication should ignore archived users
https://jazz.net/jazz/web/projects/Jazz%20Foundation#action=com.ibm.team.workitem.viewWorkItem&id=95563

Workaround
How to rename a user id that does not exist in the LDAP registry
http://www-01.ibm.com/support/docview.wss?rs=3488&uid=swg21417670

Your answer

Register or to post your answer.


Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.