Commands to use in disabling LDAP authentication.
To temporarily disable LDAP authentication for a
Rational ClearQuest® database
set, set the authentication algorithm to CQ_ONLY, as shown below. This action
locks out all
Rational® ClearQuest users
whose authentication mode is LDAP. To re-enable LDAP authentication, set the
authentication algorithm to CQ_FIRST.
installutil setauthenticationalgorithm 7.0.0 admin secret CQ_ONLY
To permanently disable LDAP authentication for a
Rational ClearQuest database
set, use the
–remove option with the
setldapinit,
setldapsearch,
and
setcqldapmap subcommands. If you use MultiSite and
you want to remove the settings at one particular site, use the
–site option
to specify that site. If you use MultiSite and you want to remove the settings
at all sites, or if you do not use MultiSite, use the
–allsites option.
The following example permanently disables LDAP authentication for the
7.0.0 database
set by removing the settings at all sites. Before making any changes to LDAP
settings, always set the authentication algorithm to CQ_ONLY.
installutil setauthenticationalgorithm 7.0.0 admin secret CQ_ONLY
installutil setldapinit 7.0.0 admin secret -allsites -remove
installutil setldapsearch 7.0.0 admin secret -allsites -remove
installutil setcqldapmap 7.0.0 admin secret -allsites -remove
Results
Note: If you disable LDAP authentication for a database set, be sure
to change the authentication mode for users to Rational ClearQuest;
otherwise, the users will be unable to log in to Rational ClearQuest.
To enable Rational ClearQuest users
whose authentication mode is set to LDAP to access the Rational ClearQuest database
set, use the User Administration GUI or the SetupCQLDAP.pl script
to set their authentication mode to CQ.