Integrate LDAP with Jazz Team Server
I am new to Rational and I want to configure Jazz Team Server with an LDAP server (Active Directory) in the domain Testing.com.
So what should I write in Base User DN, User Property Names Mapping, Base Group DN, and Jazz to LDAP Group Mapping?
I am doing it for the first time, so kindly help me out with this.
Thanks and Regards,
Anurag Rajput
2 answers
Here is what mine looks like after changing the actual domain to testing.com to match yours
I didn't set up the AD server but I'm assuming it is pretty much the default.
BASE DN
DC=testing,DC=com
Base User DN
CN=Users,DC=testing,DC=com
User Property Names Mapping
Note I map emailAddress to sAMAccountName because we don't use the email address in our domain.
userId=sAMAccountName,name=cn,emailAddress=sAMAccountName
Base Group DN
Note my groups are in the same place as the users so the value is the same as the Base user DN
CN=Users,DC=testing,DC=com
Jazz to LDAP Group Mapping
Note the group value to the right of the equal sign is the group name in AD
JazzAdmins=JazzAdmins,JazzUsers=JazzUsers,JazzDWAdmins=JazzDWAdmins,JazzProjectAdmins=JazzProjectAdmins,JazzGuests=JazzGuests
Group Name Property
cn
Group Member Property
member
Below are all the values I'm using that are different from the default.
I'm using the Global Catalog as LDAP server and not the Domain Controller. So I can authenticate the whole forest.
I'm using the UserPrincipalName (UPN) as UserID. This is the Windows logon name that Microsoft introduced with Windows 2000. This allows domain-independent logons, valid in the whole forest.
Because I'm using the Global catalog as LDAP Server, the groups should be Universal Groups.
Jazz doesn't allow nested groups. This means all users must be flat in the universal groups.
My naming in the example: dom21 is the domain in the forest meienberg.net, where the universal groups are defined.
Base Group DN
OU=UserGroups,OU=GROUPS,OU=CH,DC=dom21,DC=meienberg,DC=net
Base User DN
DC=meienberg,DC=net
Find Users by any Name Query
(| (displayName=* ?1*) (displayName=*_?1*))
Find Users by Name Query
displayName=?1*
Find Users by User Id Query
userPrincipalName=?1
Groups Member Property
member
Jazz to LDAP Group Mapping
JazzAdmins=MEI-JazzAdmins-MEM, JazzUsers=MEI-JazzUsers-MEM, JazzDWAdmins=MEI-JazzDWAdmins-MEM, JazzProjectAdmins=MEI-JazzProAdmin-MEM, JazzGuests=MEI-JazzGuests-MEM
LDAP Registry Location
ldap://meienberg.net:3268
Password
password
User Property Names Mapping
userId=userPrincipalName,name=displayName,emailAddress=mail
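A quick syntax check for the values discussed in both answers, as an added example that is not part of the original thread or of Jazz itself: it flags malformed DNs (such as a missing comma between RDNs), incomplete mappings, and a registry URL that is not ldaps://. The function names, the simplified DN pattern and the sample host are assumptions.

```python
import re
from urllib.parse import urlparse

# Field labels and Jazz group names are the ones used in the answers above.
JAZZ_GROUPS = {"JazzAdmins", "JazzUsers", "JazzDWAdmins",
               "JazzProjectAdmins", "JazzGuests"}
USER_PROPS = {"userId", "name", "emailAddress"}
RDN = re.compile(r"^[A-Za-z][A-Za-z0-9-]*=[^=]+$")  # one attr=value pair

def bad_rdns(dn):
    """RDNs that are not a single attr=value (no escaped ',' or '+' support)."""
    return [r for r in (p.strip() for p in dn.split(",")) if not RDN.match(r)]

def parse_mapping(text):
    """Parse 'a=b,c=d' into (dict, list_of_malformed_pairs)."""
    good, bad = {}, []
    for pair in filter(None, (p.strip() for p in text.split(","))):
        key, sep, value = (s.strip() for s in pair.partition("="))
        if sep and key and value:
            good[key] = value
        else:
            bad.append(pair)
    return good, bad

def check_config(cfg):
    """Return a list of problems found in a dict of Jazz LDAP settings."""
    problems = []
    for field in ("Base User DN", "Base Group DN"):
        problems += [f"{field}: malformed RDN {r!r}" for r in bad_rdns(cfg[field])]
    for field, required in (("User Property Names Mapping", USER_PROPS),
                            ("Jazz to LDAP Group Mapping", JAZZ_GROUPS)):
        good, bad = parse_mapping(cfg[field])
        problems += [f"{field}: malformed pair {p!r}" for p in bad]
        problems += [f"{field}: no entry for {k}" for k in sorted(required - set(good))]
    if urlparse(cfg["LDAP Registry Location"]).scheme != "ldaps":
        problems.append("LDAP Registry Location: bind is not protected by TLS")
    return problems

# Constructed sample: hypothetical host, comma dropped from Base Group DN.
SAMPLE = {
    "Base User DN": "CN=Users,DC=testing,DC=com",
    "Base Group DN": "CN=UsersDC=testing,DC=com",
    "User Property Names Mapping": "userId=sAMAccountName,name=cn,emailAddress=sAMAccountName",
    "Jazz to LDAP Group Mapping": "JazzAdmins=JazzAdmins,JazzUsers=JazzUsers",
    "LDAP Registry Location": "ldap://dc.example.test:389",
}

if __name__ == "__main__":
    print("\n".join(check_config(SAMPLE)))
```

An empty list from `check_config` only means the values are well-formed; whether the DNs and groups exist still has to be confirmed against the directory.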
Comments
Don't forget the magical subgroup OID for use with MS Active Directory.
The fun starts around comment #51.
1 vote
If I understand correctly, on a 4.0 system I just have to add "member:1.2.840.113556.1.4.1941:" to the "Groups member property" to have nested groups supported? Have you tested this?