Configure Rational Focal Point to give users LDAP directory access

Integrate Rational Directory Server with Rational Focal Point

IBM® Rational® Directory Server can interact with an existing corporate LDAP server when it is integrated with Rational® Focal Point™. You can then create LDAP-enabled users in Focal Point. Rational Directory Server is not something that you would normally need to leave running in your environment, but is used to configure the corporate partition that gives Focal Point access to LDAP Server for user authentication.


Anurag Saraf (anusaraf@in.ibm.com), Senior Staff Software Engineer, IBM

Anurag Saraf is a Rational Tools Administrator in the IBM Software Labs in Pune, India. He works with the IBM Systems and Technology group in Rochester, Minnesota and supports their Rational tools environment, which includes Rational ClearCase, Rational ClearQuest, and Rational Focal Point. He has been with IBM for more than five years and has written for developerWorks previously.



25 October 2011


IBM® Rational® Directory Server can interact with an existing corporate LDAP server, but to be used this way it must be integrated with Rational® Focal Point™. After it is integrated, you can create LDAP-enabled users in Focal Point. Rational Directory Server is not something that you would normally need to leave running in your environment; it is used to configure the corporate partition that allows Focal Point to access your LDAP server for user authentication. The examples in this article use the internal IBM BluePages directory.

  1. Start by accessing the Rational Directory Server Admin GUI by entering the following URL in your web browser:
    http://Server Name:Port Number/webrda/rda
  2. At the RDS Login window, shown in Figure 1, enter your Rational Directory Server URL, admin ID, and password for authentication.
Figure 1. RDS URL, RDS Admin, and Password fields

Create and configure a new corporate partition

After a successful login, you are presented with the Rational Directory Server Administration Explorer view, shown in Figure 2.

  1. From the tree view in the navigation pane, on the left, expand the explorer (RDS) so you can see the components.
  2. Select Configuration and then Corporate Partition.
Figure 2. Corporate Partition selected under Configuration
  3. Right-click Corporate Partition, and select Create new > Partition from the drop-down menus.
Figure 3. Drop-down menus for Corporate Partition selection

At the next screen, start filling in the partition properties for each tab.

  1. In the first tab of the properties, labeled General (see Figure 4), enter the information for the company LDAP server (for example Hostname or Port).

By default, the "mail" option does not show in the User Logon Attribute drop-down menu. To enable email as a corporate logon attribute:

  1. Edit the TDSConfiguration.xml file in this directory, where /var/IBM/Rational/RDS_5.1 is the installation path of your Rational Directory Server:
    /var/IBM/Rational/RDS_5.1/WebAccessServer/apache-tomcat-6.0.16/bin
  2. Add "mail" to the entry key:
    <!-- User Logon Attribute -->
    <entry key="CORPORATE_USERLOGON_ATTRIBUTE">CN,UID,sAMAccountName,mail</entry>
  3. Restart Rational Directory Server.
  4. Configure the corporate partition (the first panel is filled in for you, as shown in Figure 4), and select mail as the partition logon name.
Figure 4. Information required under the General tab
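
The TDSConfiguration.xml edit described above can be scripted so that it is repeatable, refuses to touch an unexpected file, and leaves a rollback copy. This is an added example, not code from the article or from IBM; it assumes the entry sits on a single line as shown above, and the function names and the sample file built in `demo` are constructed for illustration.

```sh
#!/bin/sh
# Added example (not IBM code): idempotently add a logon attribute to the
# CORPORATE_USERLOGON_ATTRIBUTE entry of TDSConfiguration.xml.
KEY='CORPORATE_USERLOGON_ATTRIBUTE'

# Print the current comma-separated attribute list.
get_logon_attrs() {
    sed -n "s|.*<entry key=\"$KEY\">\([^<]*\)</entry>.*|\1|p" "$1"
}

# Succeed if attribute $2 is already listed (exact, case-insensitive match).
has_logon_attr() {
    get_logon_attrs "$1" | tr ',' '\n' | tr -d ' ' | grep -qixF "$2"
}

add_logon_attr() {
    file=$1
    attr=${2:-mail}
    [ -f "$file" ] || { echo "no such file: $file" >&2; return 2; }
    # Only plain attribute names; keeps sed metacharacters out of the edit.
    case $attr in ''|*[!A-Za-z0-9]*) echo "bad attribute: $attr" >&2; return 3 ;; esac
    # Refuse to guess if the entry is missing or duplicated.
    count=$(grep -c "<entry key=\"$KEY\">" "$file" || true)
    [ "$count" -eq 1 ] || { echo "expected one $KEY entry, found $count" >&2; return 4; }
    if has_logon_attr "$file" "$attr"; then
        echo "$attr already present; nothing changed"
        return 0
    fi
    cp -p "$file" "$file.bak" || return 5   # rollback copy
    sed "s|\(<entry key=\"$KEY\">[^<]*\)</entry>|\1,$attr</entry>|" "$file.bak" > "$file"
    echo "added $attr; restart Rational Directory Server to apply"
}

# Constructed sample: a one-entry file in the shape the article shows,
# with an assumed starting list that does not yet contain "mail".
demo() {
    tmp=$(mktemp -d) || return 1
    printf '%s\n' '<!-- User Logon Attribute -->' \
        "<entry key=\"$KEY\">CN,UID,sAMAccountName</entry>" > "$tmp/TDSConfiguration.xml"
    add_logon_attr "$tmp/TDSConfiguration.xml" mail >/dev/null &&
        get_logon_attrs "$tmp/TDSConfiguration.xml"
    rm -rf "$tmp"
}

# Run against a real file when a path is given on the command line.
if [ "$#" -gt 0 ]; then add_logon_attr "$@"; fi
```

Running it a second time changes nothing, so it is safe to keep in a provisioning script; the `.bak` copy is the file as it was before the edit.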
  2. Now go to the second tab, Search Base Configuration, and enter the information for your LDAP server in the Primary Search Base, as the example in Figure 5 shows. Example:
    ou=bluepages,o=ibm.com
Figure 5. Fill information for search base configuration tab
  3. Go to Change Account, the third tab of the partition properties (Figure 6), to enter your LDAP server authenticated user ID and password.

Note:

These examples use a fictitious IBM serial number and IBM intranet password.

  1. For the Admin User DN (distinguished name), replace 001234 (the IBM serial number) with your serial number (567 is the country code):
    uid=IBM Serial Number & Country Code,c=in,ou=bluepages,o=ibm.com
    uid=001234567,c=in,ou=bluepages,o=ibm.com
  2. Enter your LDAP ID and password (IBM intranet password in this example) into the Password and Confirm Password fields.
  3. Click OK.
Figure 6. Change Account tab window

Now you will be able to see the corporate partition that you created (see Figure 7).

Figure 7. Recently created corporate partition


Enable communication with the corporate partition

  1. Log in to Rational Focal Point using the Global Admin ID and password.
  2. Navigate to Users > Rational Directory Server Settings (Figure 8).

Note:
Rational Directory Server settings will be visible in your Focal Point environment only if you have enabled them. Please see the Rational Focal Point User guide for how to enable Rational Directory Server (see Resources for a link).

  3. Fill in the server host name, port number, administrator user name and password, and secure connection field, and then save the settings.

Note:

By default, the Rational Directory Server Secure Connection field is set to NO.

Figure 8. Shows fields completed as described

  4. Now create users in Rational Focal Point, and set the authentication method for them to Rational Directory Server.
  5. Under Users, click Add Users, and enter information to create a new user entry.
Figure 9. Fill information to add new user

Figure 10. Authenticate users from Rational Directory Server

Users will now be able to log in to Rational Focal Point using their LDAP user IDs and passwords.

Resources

Learn

Get products and technologies

  • Download a free trial version of Rational software.
  • Evaluate other IBM software in the way that suits you best: Download it for a trial, try it online, use it in a cloud environment, or spend a few hours in the SOA Sandbox learning how to implement service-oriented architecture efficiently.
