IBM Support

LDAP user validation error: The user "XXXXXXX" does not have the JazzAdmins role

Troubleshooting


Problem

When validating the LDAP User during setup, you may receive an error: Testing the LDAP configuration resulted in errors. Please verify settings and restest. ID CRJAZ1558E The user "XXXXXXX" does not have the JazzAdmins role. Please check the LDAP configuration.

Symptom


After correctly configuring the User Registry to use LDAP during the setup wizard, clicking the Test Connection button results in a popup requiring a user that is part of the JazzAdmins group on the LDAP server.

Validate LDAP User

Enter a user ID to validate that the user can log in with administrative privileges after the configuration is finished.


After adding a valid user and choosing OK, the following error message is returned:


    Testing the LDAP configuration resulted in errors. Please verify settings and restest. ID CRJAZ1558E

    Details
    The user "XXXXXXX" does not have the JazzAdmins role. Please check the LDAP configuration.


Setup is unable to continue.

Cause


Microsoft Active Directory Distinguished Names (DN) for group membership includes the common name (CN) of the user as part of the DN. In some instances the users CN may include special characters such as a comma and or a backslash.

Example of the JazzAdmins group in Active Directory with John Smith as a member:

    distinguishedName: CN=JazzAdmins,CN=Users,DC=domain,DC=com

    .

    member: CN=Smith\, John,CN=Users,DC=domain,DC=com



This is a known issue and is being addressed in Defect 61067

Resolving The Problem

Choose the "Skip" button and continue.



You will see the following message and be allowed to continue.

LDAP connection is established. Click Next to continue.

details

The user "XXXXXXX" does not have the JazzAdmins role. Please check the LDAP configuration.


Note: This issue only affects the Validate LDAP User step and does not affect group membership during product usage.

If you have reached this point in the setup, it means the LDAP settings are correct. The next step requires you to log in as a user with JazzAdmins group membership. The Validate LDAP User step is verifying that the user you plan to use has the correct group membership. If it turns out that the user does not have the correct group membership, you will need to have that account added to the JazzAdmins group or use an account that is already set up correctly to continue.



Leverage the Jazz Community
Jazz and Rational Team Concert have an active community that can provide you with additional resources. Browse and contribute to the User forums, contribute to the Team Blog and review the Team wiki.
Refer to technote 1319600 for details and links.

[{"Product":{"code":"SSUC3U","label":"IBM Engineering Workflow Management"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"Installation","Platform":[{"code":"PF033","label":"Windows"},{"code":"PF016","label":"Linux"}],"Version":"3.0.1","Edition":"","Line of Business":{"code":"LOB59","label":"Sustainability Software"}}]

Product Synonym

Rational Team Concert

Document Information

Modified date:
16 June 2018

UID

swg21516411