Checklist of required information and steps to configure a Rational
ClearQuest database set for LDAP.
Following
is the list of questions you need to ask your LDAP administrator in order
to configure a Rational ClearQuest database set for LDAP authentication.
Questions:
- A. What is the host name of the LDAP server? ________________________
- B. What is the TCP port number (non-SSL)? ______
- C. Does the LDAP server allow anonymous searches? ____
- C1. What is the DN of the search account? _______________________
- C2. What is the password of the search account? ____________________
- D. What is the base DN from which to start searching for LDAP user directory
entries that correspond to Rational® ClearQuest® users?
___________________________
- E. What is the scope of the search from the base DN? ____________
- F. What is the LDAP attribute that is used to store the user entry login
name values? _________________
- G. What is the LDAP search filter that ClearQuest must use to select the
LDAP user entry based on the attribute specified in the previous question?
_________________________________
- H. What is the LDAP attribute of the user entry to be used to map the
user to a corresponding ClearQuest user profile record? __________
- I. What is the login name of a user entry that can be used to validate
that ClearQuest can
correctly authenticate a user against the LDAP directory? _______________________
- J. What is the password for the user entry specified in the previous question?
__________________
Run the following commands from the directory where ClearQuest is
installed (for example, C:\Program Files\Rational\ClearQuest): These commands
assume that the answers to the above questions were as shown in the topic Collecting LDAP information.
-
installutil setauthenticationalgorithm dbset_name cq_user cq_password CQ_ONLY
-
installutil setldapinit dbset_name cq_user cq_password "-h <A> -p <B> -D <C1>
-w <C2>"
-
installutil setldapsearch dbset_name cq_user cq_password "-s <E> -b <D> <G>"
-
installutil setcqldapmap dbset_name cq_user cq_password cq_user_field <H>
-
installutil validateldap dbset_name cq_user cq_password <I> <J>
-
installutil setauthenticationalgorithm dbset_name cq_user cq_password CQ_FIRST
- Set every user's authentication mode by using the User Administration
GUI or the SetupCQLDAP.pl script.
- Test your database set's LDAP settings by having users log in to Rational ClearQuest by entering
the LDAP login name and password.