LDAP and LDAP/SDBM configuration parameters

Use this reference topic to learn about each LDAP or LDAP/SDBM configuration parameter.


After you have configured your application server and LDAP server, run the setup wizard and complete the LDAP user registry configuration form by providing the following parameters.
Parameter Description Example
LDAP Registry Location The web address that references your LDAP server. ldap://ldap.example.com:389 , where ldap.example.com is the qualified host name of the LDAP server.
User Name The user name to log on to the LDAP server. For the LDAP servers that allow anonymous user names and passwords, you can leave this parameter blank.  
Password Base The password that is associated with the user name.  
Base User DN The base distinguished name of users in the LDAP registry. ou=people,dc=jazz,dc=net or PROFILETYPE=USER,CN=RACF255,O=IBM,C=RTC
User Property Names Mapping The mapping of Jazz™ user property names to LDAP registry entry attribute names. You must define the following mappings:
  • userId = LDAP user ID or racfid (for LDAP/SDBM)
  • name = LDAP user name
  • emailAddress = LDAP user email

The userId property identifies the user ID that is used when a user logs on to the system. The name property renders the name in the user interface.

For LDAP/SDBM, you need to enter an email address or another standard field, such as racfid for emailAddress.

userId=uid,name=cn,emailAddress=mail or userid=racfid, name=racfprogrammername
Base Group DN The base distinguished name of the Jazz application groups in the LDAP registry. ou=JazzGroups,dc=jazz,dc=net
Jazz to LDAP Group Mapping
Restriction: In many cases, you can map multiple LDAP groups to a Jazz role in a Jazz Team Server environment. However, if your Jazz Team Server runs on Apache Tomcat application server and Tomcat does not support mapping multiple LDAP groups to a J2EE role, you cannot map multiple groups to one role. If you use WebSphere Application Server, you can map multiple LDAP groups to a J2EE role.
To map the Jazz group to multiple LDAP groups, make sure that the LDAP groups are separated by a semicolon. For example: JazzAdmins=LDAPAdmins1;LDAPAdmins2 maps JazzAdmins group to LDAPAdmins1 and LDAPAdmins2. Jazz Team Server defines five groups to map:
  • JazzAdmins = LDAP Group for Jazz admins
  • JazzUsers = LDAP Group for Jazz users
  • JazzGuests = LDAP Group for Jazz guest (Not used by Rational Quality Manager)
  • JazzProjectAdmins = LDAP Group for Jazz project admins
Group Name Property The LDAP property that represents the name of the Jazz groups in the LDAP registry. For example, cn. This property is used in the query to retrieve an LDAP group. To retrieve an LDAP group, a query uses a combination of the Base group DN and the Group Name Property. cn
Group Member Property The LDAP property that represents the members of a group in the LDAP registry. members

video icon Watch videos

CLM playlist
Jazz.net channel
User Education channel

learn icon Learn more

CLM learning circle
Agile learning circle
Learning circles

ask icon Ask questions

Jazz.net forum
developerWorks forums

support icon Get support

Support Portal
Deployment wiki
Support blog