Commands to use in disabling LDAP authentication.
Procedure
- To temporarily disable LDAP authentication for a Rational® ClearQuest® database set, set the authentication
algorithm to CQ_ONLY, as shown below. This action locks out all Rational ClearQuest users
whose authentication mode is LDAP. To re-enable LDAP authentication,
set the authentication algorithm to CQ_FIRST.
installutil setauthenticationalgorithm 7.0.0 admin secret CQ_ONLY
- To permanently disable LDAP authentication for a Rational ClearQuest database
set, use the –remove option with the setldapinit, setldapsearch,
and setcqldapmap subcommands. If you use MultiSite
and you want to remove the settings at one particular site, use the –site option
to specify that site. If you use MultiSite and you want to remove
the settings at all sites, or if you do not use MultiSite, use the –allsites option.
The following example permanently disables LDAP authentication for
the 7.0.0 database set by removing the settings at all sites.
Before making any changes to LDAP settings, always set the authentication
algorithm to CQ_ONLY.
installutil setauthenticationalgorithm 7.0.0 admin secret CQ_ONLY
installutil setldapinit 7.0.0 admin secret -allsites -remove
installutil setldapsearch 7.0.0 admin secret -allsites -remove
installutil setcqldapmap 7.0.0 admin secret -allsites -remove
Attention: If you disable LDAP authentication for
a database set, be sure to change the authentication mode for users
to Rational ClearQuest;
otherwise, the users will be unable to log in to Rational ClearQuest.
To enable Rational ClearQuest users
whose authentication mode is set to LDAP to access the Rational ClearQuest database
set, use the User Administration GUI or the SetupCQLDAP.pl script
to set their authentication mode to CQ.