Integrate LDAP with Jazz Team Server


Anurag Rajput (8011522) | asked Jul 11 '12, 8:44 a.m.
Hi,
I am new to Rational and I want to configure Jazz Team Server with an LDAP server (Active Directory) in the domain Testing.com.
What should I write in Base User DN, User Property Names Mapping, Base Group DN, and Jazz to LDAP Group Mapping?
I am doing this for the first time, so kindly help me out with this.

Thanks and Regards,
Anurag Rajput

2 answers



Karl Weinert (2.0k52736) | answered Jul 11 '12, 9:16 a.m.
JAZZ DEVELOPER
edited Jul 11 '12, 9:18 a.m.
That really depends on how you set it up.
Here is what mine looks like after changing the actual domain to testing.com to match yours.
I didn't set up the AD server, but I'm assuming it is pretty much the default.

BASE DN
DC=testing,DC=com

Base User DN
CN=Users,DC=testing,DC=com

User Property Names Mapping
Note I map emailAddress to sAMAccountName because we don't use the email address in our domain.
userId=sAMAccountName,name=cn,emailAddress=sAMAccountName

Base Group DN
Note my groups are in the same place as the users so the value is the same as the Base user DN
CN=Users,DC=testing,DC=com

Jazz to LDAP Group Mapping
Note the group value to the right of the equal sign is the group name in AD
JazzAdmins=JazzAdmins,JazzUsers=JazzUsers,JazzDWAdmins=JazzDWAdmins,JazzProjectAdmins=JazzProjectAdmins,JazzGuests=JazzGuests

Group Name Property
cn

Group Member Property
member

Guido Schneider (3.4k1383110) | answered Jul 11 '12, 9:41 a.m.
edited Jul 11 '12, 9:42 a.m.

Below are all the values I'm using that are different from the default.

I'm using the Global Catalog as LDAP server and not the Domain Controller. So I can authenticate the whole forest.

I'm using the UserPrincipalName (UPN) as UserID. This is the Windows logon name that Microsoft introduced with Windows 2000. It allows domain-independent logons, valid in the whole forest.

Because I'm using the Global catalog as LDAP Server, the groups should be Universal Groups.

Jazz doesn't allow nested groups. This means all users must be flat in the universal groups.

My naming in the example: dom21 is the domain in the forest meienberg.net, where the universal groups are defined.

Base Group DN
OU=UserGroups,OU=GROUPS,OU=CH,DC=dom21,DC=meienberg,DC=net

Base User DN
DC=meienberg,DC=net

Find Users by any Name Query
(| (displayName=* ?1*) (displayName=*_?1*))

Find Users by Name Query
displayName=?1*

Find Users by User Id Query
userPrincipalName=?1

Groups Member Property
member

Jazz to LDAP Group Mapping
JazzAdmins=MEI-JazzAdmins-MEM, JazzUsers=MEI-JazzUsers-MEM, JazzDWAdmins=MEI-JazzDWAdmins-MEM, JazzProjectAdmins=MEI-JazzProAdmin-MEM, JazzGuests=MEI-JazzGuests-MEM

LDAP Registry Location
ldap://meienberg.net:3268

Password
password

User Property Names Mapping
userId=userPrincipalName,name=displayName,emailAddress=mail


Comments
1
Andrew Codrington commented Jul 11 '12, 11:33 a.m.

Don't forget the magical subgroup OID for use with MS Active Directory.

See: https://jazz.net/jazz/web/projects/Jazz%20Foundation#action=com.ibm.team.workitem.viewWorkItem&id=59463

The fun starts around comment #51.


Guido Schneider commented Jul 11 '12, 12:39 p.m.

If I understand correctly, on a 4.0 system I just have to add "member:1.2.840.113556.1.4.1941:" to the "Groups member property" to have nested groups supported? Have you tested this?
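
A sanity check for the settings listed in the two answers above, as an added example that is not part of the original thread and is not Jazz code. The function names are hypothetical, and `SAMPLE` is constructed from the first answer's values with a comma dropped from Base Group DN to show the failure mode the check is meant to catch.

```python
import re

# Jazz groups and user properties as named in the mappings on this page.
JAZZ_GROUPS = {"JazzAdmins", "JazzUsers", "JazzDWAdmins", "JazzProjectAdmins", "JazzGuests"}
USER_PROPS = {"userId", "name", "emailAddress"}

def split_dn(dn):
    """Split a DN into RDN strings on commas that are not backslash-escaped."""
    return [p.strip() for p in re.split(r"(?<!\\),", dn) if p.strip()]

def check_dn(label, dn, base_dn=None):
    """Return a list of problems found in one DN setting."""
    problems, rdns = [], split_dn(dn)
    for rdn in rdns:
        attr, sep, value = rdn.partition("=")
        if not (sep and attr and value):
            problems.append(f"{label}: '{rdn}' is not attribute=value")
        elif re.search(r"(?<!\\)=", value):
            # Legal per RFC 4514, so nothing rejects it; searches just come back empty.
            problems.append(f"{label}: '{rdn}' has a second '=', likely a missing comma")
    base = [r.lower() for r in split_dn(base_dn or "")]
    if base and [r.lower() for r in rdns][-len(base):] != base:
        problems.append(f"{label}: not located under {base_dn}")
    return problems

def parse_mapping(text):
    """Parse 'a=b, c=d' into a dict, tolerating spaces after the commas."""
    return dict(i.strip().split("=", 1) for i in text.split(",") if "=" in i)

def check_settings(cfg):
    """Validate a dict keyed by the field names used in the answers."""
    problems = [p for f in ("Base User DN", "Base Group DN")
                for p in check_dn(f, cfg[f], cfg.get("Base DN"))]
    for field, required in (("Jazz to LDAP Group Mapping", JAZZ_GROUPS),
                            ("User Property Names Mapping", USER_PROPS)):
        missing = required - set(parse_mapping(cfg[field]))
        if missing:
            problems.append(f"{field}: no entry for {sorted(missing)}")
    return problems

# Constructed sample: first answer's values, comma dropped in Base Group DN.
SAMPLE = {
    "Base DN": "DC=testing,DC=com",
    "Base User DN": "CN=Users,DC=testing,DC=com",
    "Base Group DN": "CN=UsersDC=testing,DC=com",
    "User Property Names Mapping": "userId=sAMAccountName,name=cn,emailAddress=sAMAccountName",
    "Jazz to LDAP Group Mapping": "JazzAdmins=JazzAdmins,JazzUsers=JazzUsers,JazzDWAdmins=JazzDWAdmins,JazzProjectAdmins=JazzProjectAdmins,JazzGuests=JazzGuests",
}
if __name__ == "__main__":
    print("\n".join(check_settings(SAMPLE)) or "no problems found")
```

A DN with a dropped comma is still syntactically valid, so the only symptom is usually that no users hold any Jazz group; checking the settings before saving them makes the cause visible.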
