Jazz Forum Welcome to the Jazz Community Forum Connect and collaborate with IBM Engineering experts and users

CLM with WAS...do I need LDAP

Questions
Tags
Users
Badges
Sterling Ferguson-II
(1.6k14288273) Jun 14 '12, 10:57 a.m.
Hello,

If I install WAS, do I need to connect it to LDAP?  If not can I connect later with LDAP?

jdoe (non ldap) -> jdoe (ldap)

thanks

0 votes

2 answers
4,754 views
0 votes

Accepted answer

Permanent link
Christophe Elek
JAZZ DEVELOPER (2.9k13021) Jun 14 '12, 11:02 a.m.
Sterling, Short answer - 
No you do not need to connect to LDAP - Yes you can connect to LDAP later


Long answer:
LDAP is used for authentication and synchronization

authentication
You can configure WAS for LDAP authentication or any other authentication WAS supports.
What is important is:
1) you must have authentication (meaning security is on)
2) you must have group mapping (map a user to a group)

then this is passed to the server and the server gives you authorization (who you are and what group you belong to)

Synchronization
For companies who use LDAP as enterprise Registry, you can configure Jazz to synchronize its internal list of user to a LDAP server. This means the list updates itself from the external LDAP.
If you do not want to, you can create the user manually either through the ADMIN or using the repotools command line
What is important is that the Credential returned by the application server during authentication maps the userid in the jazz database

Does it help ?
Sterling Ferguson-II selected this answer as the correct answer

1 vote

Comments
Sterling Ferguson-II
Jun 14 '12, 1:41 p.m.

Thanks for responding...

So, just to be clear...what is needed for step#9+ here:

http://pic.dhe.ibm.com/infocenter/clmhelp/v4r0/topic/com.ibm.jazz.install.doc/topics/t_deploy_was.html

Are you saying that after I am done, I can just create users in jazz?

Christophe Elek
JAZZ DEVELOPER Jun 14 '12, 2:06 p.m.

It depends how you authenticate your users. If you have WAS, where will the user be ? Where will the userid/password be located ? in a file ?

Sterling Ferguson-II
Jun 14 '12, 3:08 p.m.

Not being a system admin, and never having used WAS, I have no idea on how to answer your question. Tomcat it is...!

thanks...

One other answer

Permanent link
Bo Chulindra
JAZZ DEVELOPER (1.3k2718) edited
Jun 18 '12, 10:59 a.m.
You can use a Federated realm in WAS. See https://jazz.net/library/article/97 (although the article is a bit dated). After you create the Federated realm and its groups, you can map those groups to the appropriate Repository roles.

Note that when set up the Jazz Team Server, you will want to choose External Non-LDAP Registry as your User Registry Type.

0 votes

Your answer

Register or log in to post your answer.

Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.

Ask a question
Guidelines
FAQ
Search context
Follow this question

By Email: 

Once you sign in you will be able to subscribe for any updates here.

By RSS:

Answers
Answers and Comments
Question details
× 7,498
× 15

Question asked: Jun 14 '12, 10:57 a.m.

Question was seen: 4,754 times

Last updated: Jun 18 '12, 10:59 a.m.

Confirmation Cancel Confirm