CLM with WAS...do I need LDAP
Hello,
If I install WAS, do I need to connect it to LDAP? If not can I connect later with LDAP? jdoe (non ldap) -> jdoe (ldap) thanks
|
Accepted answer
Sterling, Short answer -
No you do not need to connect to LDAP - Yes you can connect to LDAP later Long answer: LDAP is used for authentication and synchronization authentication You can configure WAS for LDAP authentication or any other authentication WAS supports. What is important is: 1) you must have authentication (meaning security is on) 2) you must have group mapping (map a user to a group) then this is passed to the server and the server gives you authorization (who you are and what group you belong to) Synchronization For companies who use LDAP as enterprise Registry, you can configure Jazz to synchronize its internal list of user to a LDAP server. This means the list updates itself from the external LDAP. If you do not want to, you can create the user manually either through the ADMIN or using the repotools command line What is important is that the Credential returned by the application server during authentication maps the userid in the jazz database Does it help ?
Sterling Ferguson-II selected this answer as the correct answer
Comments
Sterling Ferguson-II
commented Jun 14 '12, 1:41 p.m.
Thanks for responding... So, just to be clear...what is needed for step#9+ here: http://pic.dhe.ibm.com/infocenter/clmhelp/v4r0/topic/com.ibm.jazz.install.doc/topics/t_deploy_was.html Are you saying that after I am done, I can just create users in jazz? It depends how you authenticate your users. If you have WAS, where will the user be ? Where will the userid/password be located ? in a file ?
Sterling Ferguson-II
commented Jun 14 '12, 3:08 p.m.
Not being a system admin, and never having used WAS, I have no idea on how to answer your question. Tomcat it is...! thanks... |
One other answer
Bo Chulindra (1.3k●2●7●18)
| answered Jun 18 '12, 10:59 a.m.
JAZZ DEVELOPER edited Jun 18 '12, 10:59 a.m.
You can use a Federated realm in WAS. See https://jazz.net/library/article/97 (although the article is a bit dated). After you create the Federated realm and its groups, you can map those groups to the appropriate Repository roles.
Note that when set up the Jazz Team Server, you will want to choose External Non-LDAP Registry as your User Registry Type. |
Your answer
Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.