Welcome to the Jazz Community Forum
Planning to Migrate RTC User Registry (Apache LDAP to AD)
Hi,
We Have RTC 3.0.1.1 using Apache LDAP User Registry
RTC History and objects are mapped with User ID's (Alpha Numeric Standards)
we are planning to migrate from Apache LDAP to AD
but the AD will not accept the RTC User ID's which are (Alpha Numeric) due to compliance issue we need to use User ID's (Numeric)..
I have 700 RTC Users with different format in Apache LDAP and if I migrate to AD..
Whats Impact on RTC Object History and Please let me know the Impact on the Data..
Let me know if you have details How we gone achieve the above activities.
Regards,
Sri
We Have RTC 3.0.1.1 using Apache LDAP User Registry
RTC History and objects are mapped with User ID's (Alpha Numeric Standards)
we are planning to migrate from Apache LDAP to AD
but the AD will not accept the RTC User ID's which are (Alpha Numeric) due to compliance issue we need to use User ID's (Numeric)..
I have 700 RTC Users with different format in Apache LDAP and if I migrate to AD..
Whats Impact on RTC Object History and Please let me know the Impact on the Data..
Let me know if you have details How we gone achieve the above activities.
Regards,
Sri
9 answers
Hi Sri,
I have not tried it myself and would advise to test it on a test server first.....
If you have to create 700 new users there will be no relationship between the old IDs and the new ones. I believe all user links would be broken.
It is possible to change the user ID's with a trick.
Search jazz
https://jazz.net/search_results.jsp?q=#page=0&type=&q=LDAP%20unsupported
You basically set "Non-LDAP user registry" = UNSUPPORTED. Then you can change the user ID's. I assume the internal identifier will keep the new ID's and the rest of the data consistent. Other posts I have seen around this indicate this, but I haven't tried myself. I am not sure if this can be run during operation or not and if other users can still log in.. I would consider a test run. If it works you should be able to reactivate the other LDAP and have the new ID's working.
I have not tried it myself and would advise to test it on a test server first.....
If you have to create 700 new users there will be no relationship between the old IDs and the new ones. I believe all user links would be broken.
It is possible to change the user ID's with a trick.
Search jazz
https://jazz.net/search_results.jsp?q=#page=0&type=&q=LDAP%20unsupported
You basically set "Non-LDAP user registry" = UNSUPPORTED. Then you can change the user ID's. I assume the internal identifier will keep the new ID's and the rest of the data consistent. Other posts I have seen around this indicate this, but I haven't tried myself. I am not sure if this can be run during operation or not and if other users can still log in.. I would consider a test run. If it works you should be able to reactivate the other LDAP and have the new ID's working.
Hi,
Thanks for the information.
Please let me know where to change the option below, I tried finding in Advanced Properties.
The Registry type to "Non-LDAP user registry" = UNSUPPORTED ( can you please let me know what impact will happen when we change)
If we change the Option "Non-LDAP user registry" = UNSUPPORTED.
does it retain the old user id references on the Object ownership and does it allows the new user id for modifying the Objects in RTC.
Regards,
sri
Thanks for the information.
Please let me know where to change the option below, I tried finding in Advanced Properties.
The Registry type to "Non-LDAP user registry" = UNSUPPORTED ( can you please let me know what impact will happen when we change)
If we change the Option "Non-LDAP user registry" = UNSUPPORTED.
does it retain the old user id references on the Object ownership and does it allows the new user id for modifying the Objects in RTC.
Regards,
sri
Hi Sri,
I have not tried it myself and would advise to test it on a test server first.....
If you have to create 700 new users there will be no relationship between the old IDs and the new ones. I believe all user links would be broken.
It is possible to change the user ID's with a trick.
Search jazz
https://jazz.net/search_results.jsp?q=#page=0&type=&q=LDAP%20unsupported
You basically set "Non-LDAP user registry" = UNSUPPORTED. Then you can change the user ID's. I assume the internal identifier will keep the new ID's and the rest of the data consistent. Other posts I have seen around this indicate this, but I haven't tried myself. I am not sure if this can be run during operation or not and if other users can still log in.. I would consider a test run. If it works you should be able to reactivate the other LDAP and have the new ID's working.
Hi,
please have a look in the Advanced Properties in the "manage application" admin section for the Jazz Team Server and the applications (CCM/QM). Search the page for LDAP. It is in the section where you have the LDAP settings.
As far as I know the UNSUPPORTED registry type makes the ID's writable, so you can change the user ID's. That data is stored internally and the ID is passed to LDAP.
Please note that after changing the ID's, you can't log in, unless you do the same change in your current LDAP.
I would also be careful with synching in data from AD unless you have verified all changed user ID's.
please have a look in the Advanced Properties in the "manage application" admin section for the Jazz Team Server and the applications (CCM/QM). Search the page for LDAP. It is in the section where you have the LDAP settings.
As far as I know the UNSUPPORTED registry type makes the ID's writable, so you can change the user ID's. That data is stored internally and the ID is passed to LDAP.
Please note that after changing the ID's, you can't log in, unless you do the same change in your current LDAP.
I would also be careful with synching in data from AD unless you have verified all changed user ID's.
Hello,
we had the same problem with MSADS in migrating an existing UID batch of users. The UID was not compliant to the SamAccountID of MSADS. So we utilized a non used LDAP attribute for the exusting uid and mapped the Jazz uid and WAS uid LDAP settings to that attribute.
So a user has 2 now uids
SAMAccountID = new uid for corporate standards
notUsedField = old uid from older LDAP directory mapped to uid in JTS/WAS LDAP settings
Best Regards,
Ren
we had the same problem with MSADS in migrating an existing UID batch of users. The UID was not compliant to the SamAccountID of MSADS. So we utilized a non used LDAP attribute for the exusting uid and mapped the Jazz uid and WAS uid LDAP settings to that attribute.
So a user has 2 now uids
SAMAccountID = new uid for corporate standards
notUsedField = old uid from older LDAP directory mapped to uid in JTS/WAS LDAP settings
Best Regards,
Ren
Hi All,
We have a similar requirement now. Could you please post the detailed steps to be followed? My understanding is that we change type to unsupported, change the id's and then point LDAP to AD?
Thanks,
Valli.
We have a similar requirement now. Could you please post the detailed steps to be followed? My understanding is that we change type to unsupported, change the id's and then point LDAP to AD?
Thanks,
Valli.
Hello,
we had the same problem with MSADS in migrating an existing UID batch of users. The UID was not compliant to the SamAccountID of MSADS. So we utilized a non used LDAP attribute for the exusting uid and mapped the Jazz uid and WAS uid LDAP settings to that attribute.
So a user has 2 now uids
SAMAccountID = new uid for corporate standards
notUsedField = old uid from older LDAP directory mapped to uid in JTS/WAS LDAP settings
Best Regards,
Ren
Hi All,
We have a similar requirement now. Could you please post the detailed steps to be followed? My understanding is that we change type to unsupported, change the id's and then point LDAP to AD?
Thanks,
Valli.
That is my understanding of one option. I would recommend to try that with a test server before doing it in production.
Hi,
I didnt quite understand Rene's approach. And i understand that in both these cases, the object ownership info, history etc gets modified with the new id's? - this is the main concern.
Could you pls throw more light on Rene's approach and which one is comparatively easier?
Thanks.
Rene's proposal is another valid approach I guess.
I didnt quite understand Rene's approach. And i understand that in both these cases, the object ownership info, history etc gets modified with the new id's? - this is the main concern.
Could you pls throw more light on Rene's approach and which one is comparatively easier?
Thanks.
Hi All,
We have a similar requirement now. Could you please post the detailed steps to be followed? My understanding is that we change type to unsupported, change the id's and then point LDAP to AD?
Thanks,
Valli.
Rene's proposal is another valid approach I guess.
They introduced a new attribute in their MSADM user entry. This attribute got set to the user ID used in Jazz. LDAP setup has to change to use the new attribute.
You could have an "official" user ID (sAMAccountID) like 1245639856 but in Jazz you would have user ID valli. You would have the same password. We have seen this in the past also, when the official user ID's are not the desired Jazz user id's.
You could have an "official" user ID (sAMAccountID) like 1245639856 but in Jazz you would have user ID valli. You would have the same password. We have seen this in the past also, when the official user ID's are not the desired Jazz user id's.