LDAP Password Authentication And Tomcat User Management


Timo Wolf (61165) | asked Nov 03 '08, 10:55 a.m.
Hi All,

We have a fairly large number of users in our Active Directory, so I do not want to import all users into Jazz.

I want to manage the users manually as in the default configuration and just authenticate the passwords against an LDAP / Active Directory.

Is that possible?

Thanks,

Timo

4 answers



Balaji Krish (1.8k12) | answered Nov 03 '08, 11:22 a.m.
JAZZ DEVELOPER
You can disable the "LDAP nightly sync" functionality using the "Enable LDAP nightly sync" property at https://serverName:9443/jazz/admin#action=com.ibm.team.repository.admin.configureAdvanced

To create individual users, you can either
-> import individual users from Active Directory or
-> create a new user in the Jazz database with a matching user id (the user id must match the record in Active Directory)

---- Balaji
Jazz Server Team

Timo Wolf (61165) | answered Nov 07 '08, 8:45 a.m.
Thanks so far, but I think my problem is not solved.

We cannot change any entries in the Active Directory and thus I cannot map any RTC groups to LDAP groups.

I need a mix between local user management and LDAP authentication. For those users that are created manually and whose usernames map to a username in the LDAP directory, I want to authenticate their passwords against the LDAP directory.

Other users, especially conceptual users like build users, do not exist in LDAP, and their passwords should be stored in the local tomcat-users.xml file.

The goal is - for the real users / persons - to manage and reuse their passwords in one place, the LDAP directory.

Is such a setup possible, and how do I configure it?

Thanks a lot,

Timo

Balaji Krish (1.8k12) | answered Nov 10 '08, 8:27 a.m.
JAZZ DEVELOPER
We don't currently support this feature. You have to use either Active Directory or the Tomcat User database.

We are looking at the possibility of introducing a front-end LDAP server for the 2.0 release. Using this mechanism, user authentication is done via the corporate LDAP, but the front-end LDAP server is responsible for maintaining groups, adding functional users, etc.

--- Balaji
Jazz Server Team

Don Rota (14922221) | answered Jan 30 '09, 12:23 p.m.
FORUM ADMINISTRATOR / JAZZ DEVELOPER
You don't have to import all the users. If you're able to do groups on your server. You can specify the LDAP query in server.xml and specify the bluegroups in the web.xml file (security roles).

I don't think you can have it both ways though, that is, managing two sets of users: one in the repository and one to authenticate and log in over the web.

....Don...
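
A sketch of the setup described in the answer above, as an added example that is not from the original thread or from the Jazz distribution: a Tomcat JNDIRealm in server.xml that authenticates by binding to Active Directory and derives roles from group membership, with the matching role declared in web.xml. Host names, DNs, the bind account and the `JazzUsers` group/role name are assumptions.

```xml
<!-- conf/server.xml (fragment): JNDIRealm in place of the UserDatabaseRealm.
     Every host name, DN and group name here is a constructed placeholder. -->
<Realm className="org.apache.catalina.realm.JNDIRealm"
       connectionURL="ldaps://ad.example.com:636"
       connectionName="CN=svc-jazz-bind,OU=Service Accounts,DC=example,DC=com"
       connectionPassword="CHANGE_ME"
       referrals="follow"

       userBase="OU=People,DC=example,DC=com"
       userSubtree="true"
       userSearch="(&amp;(objectCategory=person)(sAMAccountName={0}))"

       roleBase="OU=Groups,DC=example,DC=com"
       roleSubtree="true"
       roleSearch="(member={0})"
       roleName="cn" />
<!-- Notes on the attributes above:
     * ldaps:// keeps the user's password off the wire in clear text.
     * With userSearch set and no userPassword attribute, the realm verifies
       the password by binding to the directory as the located user, so no
       password is copied out of Active Directory.
     * connectionName should be a read-only account; its password is stored
       in plain text here, so restrict read access to server.xml.
     * roleSearch finds groups whose member attribute holds the user's DN;
       the group's cn becomes the Tomcat role name. -->

<!-- WEB-INF/web.xml (fragment): only users who end up with the role may log in.
     "JazzUsers" is assumed to be both the directory group's cn and the role
     name; use the roles your application's web.xml actually declares. -->
<security-role>
  <role-name>JazzUsers</role-name>
</security-role>
<security-constraint>
  <web-resource-collection>
    <web-resource-name>protected</web-resource-name>
    <url-pattern>/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
    <role-name>JazzUsers</role-name>
  </auth-constraint>
  <user-data-constraint>
    <transport-guarantee>CONFIDENTIAL</transport-guarantee>
  </user-data-constraint>
</security-constraint>
```

Directory users who are not members of a mapped group authenticate successfully but receive no role, so the `auth-constraint` rejects them; this is what removes the need to import every account.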

