Factors to keep in mind when setting up LDAP authentication at
a site using Rational ClearQuest MultiSite.
If
your team uses Rational ClearQuest® MultiSite, keep in mind the following
factors as you enable the ClearQuest database set for LDAP authentication:
- You can run the installutil set subcommands only from
the working master site of the schema repository. MultiSite replicates the
LDAP parameters that you set to the other sites in the clan. LDAP-authenticated
users at a remote site cannot log in to Rational® ClearQuest until
MultiSite replicates the parameters to that remote site.
- By default, the parameters that you set apply to all sites in the clan.
To apply parameters to a specific site use the –site argument.
- Be sure that the Rational ClearQuest user
profile field that you specify with the setcqldapmap subcommand
is the same at all sites; however, the LDAP attribute that maps to the Rational ClearQuest user profile
field can be different.
- Because you can run the set subcommands only from the working master site,
the administrator of a remote site cannot set parameters specific to that
site. You, as administrator of the working master site, must set the site-specific
parameters or you can make the remote site the working master site so that
the remote site's administrator can run the subcommands.
- You can run the validateldap subcommand with the –site option
to validate a remote site's LDAP settings only if your computer can connect
to the LDAP server at that site. If your computer cannot connect to the LDAP
server, arrange for the remote site administrator to run the subcommand at
the remote site.
- A user's authentication mode is the same for all sites in a clan. You
must set a user's authentication mode only at the site where the user is mastered
by using the User Administration GUI or by running the SetupCQLDAP.pl script
or a script that you write.
Setting up users and groups in a MultiSite environment can be a complex
task. See ../../com.ibm.rational.clearquest.msadmin.doc/topics/c_mng_usrs_grps.htm to ensure that you complete
all MultiSite configuration steps before you begin LDAP configuration work.