It's all about the answers!

Ask a question

How do you set up an RTC connection to a clustered LDAP server ?


Oliver Kesper (3113) | asked Jul 03 '12, 8:27 a.m.
edited Jul 03 '12, 9:21 a.m. by Geoffrey Clemm (30.0k23035)

Dear all,
I'm trying to set-up a RTC/WAS-LDAP connection to a clustered LDAP-server.
I'm able to setup the WAS stand-alone LDAP realm using just the domain extension (i.e. de.ibm.com) as host.
Although I set the same name (i.e. de.ibm.com) under LDAP Registry Location in the Jazz server advanced admin properties, I'm not able to login to jts nor ccm.
Switching back to a single (dedicated) LDAP server configuration, everything works fine.
Any kind of imput is greatly appreciated.
Many Thanks in advance
Oliver

3 answers



permanent link
Karl Weinert (2.0k52736) | answered Jul 10 '12, 9:05 a.m.
JAZZ DEVELOPER
Oliver,

I believe clustering should work with some limitations. You won't be able to import users and their group membership  won't show up under user administration.  But they should be able to log in and they will be in the right groups. This is because the login checks credentials through WAS and that can be configured to use clustering.
User administration in RTC contacts the LDAP server directly, this includes looking up the groups in user admin as well as when attempting to import users. So both of those will have problems if the users are not available.

I find it odd that you can't log in. What is the error you are getting?
Either way you will want to leave RTC configured to use a single LDAP server

Here's a technote I found
http://www-01.ibm.com/support/docview.wss?uid=swg21458382

There are also a few enhancement requests floating around.
This one is pretty active
https://jazz.net/jazz/web/projects/Jazz%20Foundation#action=com.ibm.team.workitem.viewWorkItem&id=86967

permanent link
Sean G Wilbur (8722421) | answered Jul 11 '12, 6:28 a.m.
JAZZ DEVELOPER
 Using bluepages.ibm.com is already a pseudo server. 

The way that this can be supported today is via network layer devices masking the Fully Qualified Domain Name and SSL key chain to the server can be created seamlessly to any server the traffic gets directed to.

 The only time I have seen an issue is with a forwarding proxy or load balancer. For example using the AD style cluster of ad.company.com that is just a dns forwarding load balancer to a group of servers and the actual connection can be between ad01.company.com, ad02.company.com, ad03.company.com, ad04.company.com. For a situation like this the RFE Karl notes RTC WI#86967 may be required.

  -Sean

permanent link
Oliver Kesper (3113) | answered Jul 23 '12, 8:18 a.m.

It's solved !!!

Thanks Karl and Sean for your very valid answers, both confirming, that RTC should work with LDAP cluster as long as WAS is used as application server.

This helped us continuing in finding a solution and we finally found technote

http://www-01.ibm.com/support/docview.wss?uid=swg21514785

that lead to a well functioning environment using RTC with LDAP cluster and WAS.

Many thanks again for your pointers.

Oliver

Your answer


Register or to post your answer.