Login problems with LDAP


Bruno Di Giandomenico (501124) | asked Jan 08 '13, 3:51 a.m.
Hello, I have browsed through the questions in the forum, but I could not find an answer to my problem.
I shall try to describe it and maybe somebody can point me to the right discussion.

Very simply said, we are using RTC 4.0.1 on a VMware server which uses Windows Server 2008 R2.
The database we are using is MS SQL Server Express 2008, as it should be enough for our purposes, for the time being.
We have tried to connect our server to our domain LDAP server, but we currently cannot log in to RTC by using the imported users. We always get the message "Invalid User ID or password". We are not using WebSphere.

I am enclosing a portion of the teamserver.properties, in the hope it can help others understand if we are doing something seriously wrong. I see other people having no problems in logging in using LDAP, so we would like to do it as well.

------------------------------------------------------------------------------------------------------------------------------------
com.ibm.team.datawarehouse.auth.type=JTS
com.ibm.team.repository.ldap.membersOfGroup=member
com.ibm.team.repository.db.jdbc.location=//ceres\:1433;databaseName\=jts;user\=jtsDBuser;password\={password}
com.ibm.team.datawarehouse.auth.userId=028388bc6fd94b7db921f8187ded60d0
com.ibm.team.repository.changeEvent.expirationByCategory=SystemLog\:259200
com.ibm.team.repository.RLSTokenService.tokenLicensePath=19353@bianca
com.ibm.team.repository.ldap.baseUserDN=ou\=UserTSMT,dc\=tsmt,dc\=net
com.ibm.team.datawarehouse.db.jdbc.location=//ceres\:1433;databaseName\=dw;user\=dwDBuser;password\={password}
com.ibm.team.repository.notification.mail.smtp.server=tsmtmail.tsmt.net
com.ibm.team.fulltext.indexLocation=conf/jts/indices/workitemindex
com.ibm.team.repository.web.helpuri=/clmhelp/index.jsp
com.ibm.team.repository.diagnostic.dnsResolutionDiagnostic.externalHostname=tsmt.net
com.ibm.team.repository.db.jdbc.password=[k0Hdl4yYF5/VhPT0IKeV3w\=\=]
com.ibm.team.repository.ldap.userAttributesMapping=userId\=cn,name\=displayName,emailAddress\=mail
com.ibm.team.repository.notification.mail.from_name=jazz
com.ibm.team.repository.notification.mail.from=Jazz@tsmt.net
com.ibm.team.repository.notification.mail.enabled=false
com.ibm.team.datawarehouse.db.jdbc.password=[z30UFj2BBvaqhIZHiC9JRg\=\=]
com.ibm.team.repository.db.repoLockId=_ZD2KUDk5EeKYmfO0PQ739A
com.ibm.team.repository.user.registry.type=LDAP
com.ibm.team.repository.ws.allow.identity.assertion=false
com.ibm.team.repository.ldap.registryLocation=ldap\://tsmtdom1.tsmt.net\:389
com.ibm.team.datawarehouse.auth.password=[nVljcwAbVUnJFFJU47Aq0MYvATN3hVdYbnuMeSS9eIluZ4R66KIsDqOD47eGgist]
com.ibm.team.repository.ldap.baseGroupDN=ou\=JazzGroup,dc\=tsmt,dc\=net
com.ibm.team.repository.notification.mail.reply=fontana@tsmt.net;viano@tsmt.net;digiandomenico@tsmt.net
com.ibm.team.repository.changeEvent.expirationDefault=1209600
com.ibm.team.repository.licenseService.floatingLicenseServerURI=https\://ceres\:9443/jts/
com.ibm.team.repository.tokenProviderService=com.ibm.rational.common.token.licensing.RLSTokenService
com.ibm.team.repository.ldap.findUsersByNameQuery=displayName\=?1*
com.ibm.team.repository.ldap.registryUserName=jazz_admin@tsmt.net
com.ibm.team.repository.web.suppressedPages={"com.ibm.team.repository.web.admin"\: ["com.ibm.team.repository.provision"]}
com.ibm.team.datawarehouse.datawarehouse.jobs.enabled=true
com.ibm.team.repository.setup.completed.setup=true
com.ibm.team.repository.ldap.registryPassword=administrator
com.ibm.team.repository.server.webapp.url=https\://ceres\:9443/jts
com.ibm.team.datawarehouse.db.automatic.setup=true
com.ibm.team.repository.db.vendor=sqlserver
com.ibm.team.repository.ldap.findUsersByUserIdQuery=cn\=?1
com.ibm.team.jfs.index.root.directory=indices
com.ibm.team.datawarehouse.db.net.port=1527
com.ibm.team.repository.ws.allow.admin.access=false
com.ibm.team.repository.ldap.findUsersByAnyNameQuery=(| (displayName\=* ?1*) (displayName\=*_?1*))
com.ibm.team.datawarehouse.db.vendor=sqlserver
com.ibm.team.datawarehouse.datawarehouse.provider=Remote
com.ibm.team.datawarehouse.db.base.folder=C\:\\RTC
-------------------------------------------------------------------------------------------------------------------------

Thanks in advance for any help.

Bruno

Accepted answer


Ralph Schoon (63.5k33646) | answered Jan 08 '13, 4:21 a.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER
edited Jan 08 '13, 4:21 a.m.
Bruno, the information above is not nearly enough to debug your problem.

Can you log in with your administrative user? It looks like it, otherwise you would not be able to sync users in.

If you can, my guess is you failed with the LDAP setup.

  1. Make sure your administrative user has a valid LDAP account.
  2. Please run Setup again.
    1. On the LDAP setup page follow the hints provided to the support technote. It guides you to download a tool that allows you to verify your LDAP settings. https://jazz.net/library/article/831 could also provide you some hints on set up with MS AD.
    2. Make sure the LDAP settings and parameters you are using work and are valid with the tool.
  3. If setting up with Tomcat, also make sure to follow the last directions in the LDAP setup step. Don't forget to replace the web.xml files manually. Keep a backup of the old file, in case your LDAP settings don't work.

Bruno Di Giandomenico selected this answer as the correct answer
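
An offline pre-check for the LDAP keys of a teamserver.properties file, to run before the validation steps in the answer above. This is an added example, not part of the original thread and not Jazz's own tool; the sample values, the finding names and the rule that the attribute mapped to userId should be the one searched by findUsersByUserIdQuery are assumptions of this example.

```python
import re

# Constructed sample in the style of the LDAP keys of a teamserver.properties file.
SAMPLE = r"""
com.ibm.team.repository.user.registry.type=LDAP
com.ibm.team.repository.ldap.registryLocation=ldap\://dc1.example.test\:389
com.ibm.team.repository.ldap.registryUserName=svc_jazz@example.test
com.ibm.team.repository.ldap.registryPassword=changeme
com.ibm.team.repository.ldap.userAttributesMapping=userId\=cn,name\=displayName,emailAddress\=mail
com.ibm.team.repository.ldap.findUsersByUserIdQuery=sAMAccountName\=?1
com.ibm.team.repository.db.jdbc.password=[Y29uc3RydWN0ZWQ\=]
"""

PREFIX = "com.ibm.team.repository.ldap."

def parse_properties(text):
    """Parse key=value lines and undo Java .properties backslash escapes."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#!":
            continue
        key, _, value = line.partition("=")
        props[key.strip()] = re.sub(r"\\(.)", r"\1", value.strip())
    return props

def lint_ldap(props):
    """Return finding codes (names are this example's own) for the LDAP settings."""
    ldap = {k[len(PREFIX):]: v for k, v in props.items() if k.startswith(PREFIX)}
    findings = []
    # Plain ldap:// has no TLS, so simple-bind passwords are readable on the wire.
    if ldap.get("registryLocation", "").lower().startswith("ldap://"):
        findings.append("cleartext-ldap")
    # Other password properties in the file use a bracketed encoded form.
    pw = ldap.get("registryPassword", "")
    if pw and not (pw.startswith("[") and pw.endswith("]")):
        findings.append("plaintext-bind-password")
    # Assumption: the attribute mapped to userId is the one the user-ID query searches.
    pairs = ldap.get("userAttributesMapping", "").split(",")
    mapping = dict(p.split("=", 1) for p in pairs if "=" in p)
    m = re.match(r"\(?\s*([\w-]+)\s*=\s*\?1", ldap.get("findUsersByUserIdQuery", ""))
    if m and mapping.get("userId") and m.group(1).lower() != mapping["userId"].lower():
        findings.append("userid-attribute-mismatch")
    return findings

if __name__ == "__main__":
    for finding in lint_ldap(parse_properties(SAMPLE)):
        print(finding)
```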

Comments
Bruno Di Giandomenico commented Jan 08 '13, 4:49 a.m.

Some answers first.

  1. Yes, we can log in with the administrative account. The account, called jazz_admin, is an LDAP account. On this I have some slight doubt, which I have to check, because it was created before the connection to LDAP was performed, so I believe it was local. I have a slight suspicion that if I try to import it as well from LDAP I will not be able to enter RTC as admin. I can bypass that, though, by creating another local user as admin.
  2. We downloaded the tool and it was a great help. But not final, alas.
  3. We did not replace the web.xml file, I'll have a look there.
Thanks for the time being, I'll report later.


Ralph Schoon commented Jan 08 '13, 5:11 a.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER

It is several files for JTS, CCM, QM.
