Welcome to Telelogic Product Support
  Home Downloads Knowledgebase Case Tracking Licensing Help Telelogic Passport
Telelogic DOORS (steve huntington)
Decrease font size
Increase font size
Topic Title: DOORS and LDAP
Topic Summary:
Created On: 29-Oct-2003 17:15
Status: Post and Reply
Linear : Threading : Single : Branch
Search Topic Search Topic
Topic Tools Topic Tools
Quick Reply Quick Reply
Subscribe to this topic Subscribe to this topic
E-mail this topic to someone. E-mail this topic
Bookmark this topic Bookmark this topic
View similar topics View similar topics
View topic in raw text format. Print this topic.
Answer This question was answered by Richard Stedham, on Friday, March 11, 2005 5:03 PM

Answer:
I have setup DOORS 7.1 with our LDAP server and configured it with a group for the DOORS groups. I found that users and groups are not listed in the access rights until they login. This means groups cannot be used to setup a project access rights before the project starts.
A workaround is to use a 'special' account that is in the relevant groups and login to this account.
I will be raising this with Telelogic support.
 29-Oct-2003 17:15
User is offline View Users Profile Print this message


Cory Hug

Posts: 20
Joined: 30-Sep-2003

Is there anyone else out there who had implemented LDAP with DOORS? I'm looking for any feedback on configuration issues, or things to watch out for.

We're in the process of implementing DOORS for the first time in our company and we are looking very heavily at LDAP so users can just use the same passwords for DOORS that they currenly use for their Windows Active Directory account.

Other than about 3 pages in the "Managing DOORS" manual on configuring it, I can't find any other information on details of using DOORS with LDAP. There's some stuff on Synergy and LDAP on the Support web site, but we don't have Synergy so I can't see those documents.

Any comments or feedback from others who have implented LDAP with DOORS would be greatly appreciated.

Thanks!!
Report this to a Moderator Report this to a Moderator
 30-Oct-2003 20:54
User is offline View Users Profile Print this message


Louie Landale

Posts: 2070
Joined: 12-Sep-2002

Don't know anything about "LDAP".

But one of your DOORS DB options is to "use system login names" when logging into DOORS. If you select that option [] you must specify a system name for each DOORS user [] Typically the DOORS user name will be identical to the system login name [] I think the "use passwords" option is automatically cleared [] Passwords for each user is ignored, but I suggest you make the password the same as the DOORS user, just in case in the future you need to enable passwords.

For example, system user "landale" will have a DOORS account named "landale", whose DOORS system name is "landale". After a user logs into Windows as "landale" and double clicks on the DOORS icon, there is no login screen, he logs into DOORS as "landale". ONLY system user "landale" can log in as DOORS user "landale".

You CAN have multiple DOORS users for a system user. If DOORS user "landale-Standard" has system login name of "landale" (also), then "landale" WILL recieve a DOORS login screen, where he must type in one of his associated logins, either "landale" or "landale-Standard" (password box is greyed out). Better would be to have two DOORS icons, one command line says "... doors.exe -u landale" and the other "... doors.exe -u landale-Standard". The user will log into the correct DOORS user bypassing the DOORS login screen.

This is a good scheme, but Managers may need to log out of the network and log back in, in order to use different DOORS accounts (such as "Adminstrator").

On a side note: as an DB Manager, a Project Manager, a user, and a DXL coder I have a few DOORS accounts and it works as outlined above.

- Louie
Report this to a Moderator Report this to a Moderator
 31-Oct-2003 18:28
User is offline View Users Profile Print this message


Cory Hug

Posts: 20
Joined: 30-Sep-2003

Thanks for the reply Louie, but actually I do already know about the System Usernames. Unfortunately, there are 2 issues with it which is why we're not planning to use it.

1. We want passwords on the DOORS database for security purposes. That means, even using System Usernames, we have the same issues of having to have another password for the user to remember and us to manage. LDAP will eliminate that problem by users being able to use the same password the users currently use for the Windows Active Directory account.

2. I've been told by a DOORS Application Engineer that the electronic signature (used for signing off on Baselines or in the Change Proposal System) doesn't work when you enable System Usernames. This will be a major issue for us since we intend to use electronic signature heavily for approvals.

Report this to a Moderator Report this to a Moderator
 28-Apr-2004 15:23
User is offline View Users Profile Print this message


Richard Stedham

Posts: 19
Joined: 10-Dec-2003

Answer Answer
I have setup DOORS 7.1 with our LDAP server and configured it with a group for the DOORS groups. I found that users and groups are not listed in the access rights until they login. This means groups cannot be used to setup a project access rights before the project starts.
A workaround is to use a 'special' account that is in the relevant groups and login to this account.
I will be raising this with Telelogic support.
Report this to a Moderator Report this to a Moderator
 13-May-2004 18:48
User is offline View Users Profile Print this message


Cory Hug

Posts: 20
Joined: 30-Sep-2003

Richard, we do have a few issues with how DOORS works with LDAP, but that's not one of them. In ours, users and groups show up as soon as they're added.

Our LDAP is tied into Windows Active Directory. The LDAP server is whatever is built in to Windows Server 2000. Maybe your issue is specific fo the LDAP server software you're using?
Report this to a Moderator Report this to a Moderator
 25-May-2004 19:08
User is offline View Users Profile Print this message


Cory Hug

Posts: 20
Joined: 30-Sep-2003

Thought I would post some more recent info on this in case anyone else is looking for info on DOORS and LDAP.

Bottom line is that if you want to use LDAP and you're on DOORS 7.0 or 7.0 SP1, you should upgrade to version 7.1. It solved several issues for me with regards to LDAP. Below is some more detail.

Our DOORS setup was working just fine until about a week ago. We were running DOORS 7.0 SP1. All of a sudden one day we couldn't get in. We hadn't made any changes on the DOORS side, so it had to be something on the LDAP server side. According our LDAP folks, the only thing they had done is installed some new Microsoft security patches on all our Windows servers (which of course includes our domain controllers and the LDAP server). One of the patches applied was MS04-011. This patch includes a fix for a vulnerability in the Microsoft implementation of LDAP on the server side. I have not proof, but I suspect this patch broke our DOORS link to LDAP. In doing a Google search, I found many forums saying that this patch broke an LDAP interface with SAMBA on Unix, so I think it's reasonable to guess that it's the cause of my problem too.

I was expecting to have to fix this on the Microsoft server side, which was going to be like pulling teeth since that's a completely different group of people in the company who don't like to have to do a lot of work to fix a problem with one measly application used by only a few people (we have very small DOORS implementation so far).

However, I checked Telelogic's web site and noticed that version 7.1 had been released earlier this month. I downloaded and put it in a test environment. I was surprised to find that it worked fine with the LDAP. Not only did it solve my issue that only came about last week as a result of the Microsoft patch, but it also solved another issue I'd had since the beginning but had been working around.

I find it odd though that the "fixes" documentation for version 7.1 makes no mention whatsoever of any changes in the software related to LDAP.
Report this to a Moderator Report this to a Moderator
Statistics
20925 users are registered to the Telelogic DOORS forum.
There are currently 1 users logged in.
The most users ever online was 15 on 15-Jan-2009 at 16:36.
There are currently 0 guests browsing this forum, which makes a total of 1 users using this forum.
You have posted 0 messages to this forum. 0 overall.

FuseTalk Standard Edition v3.2 - © 1999-2009 FuseTalk Inc. All rights reserved.