Updating the LDAP configuration of an existing Engineering Lifecycle Management instance

You can update the Lightweight Directory Access Protocol (LDAP) configuration of an existing Engineering Lifecycle Management instance according to your requirements. You can update the hostname, port number, and login credentials of an existing LDAP server or change to a different LDAP server. The LDAP configuration changes are updated in the Config Map elm-auth-type-config and secret elm-auth-secret.

Before you begin

  • The existing Engineering Lifecycle Management instance must be configured with LDAP as an authentication type.
  • The updated LDAP configuration inputs are available to you.
  • You must consider the Engineering Lifecycle Management application downtime when you plan the activity.
  • You must log in with the appropriate user role, which has the privilege to update the LDAP configuration. For more information about the roles used in the Red Hat® OpenShift®, see User roles mapping in Engineering Lifecycle Management on Hybrid Cloud.

Procedure

  1. Complete the following steps to update the Config Map elm-auth-type-config.
    Important: You need to update the Config Map only if the hostname or port number of an existing LDAP server is updated or the LDAP server is changed.
    1. In the Red Hat OpenShift Container Platform web console, go to Workloads > Config Maps.
    2. Select the project where you installed the Engineering Lifecycle Management operator from the Project list.
    3. Select elm-auth-type-config from the table and click Edit ConfigMap from the Actions drop down.
    4. Update the required details in the YAML view and click Save.
  2. Complete the following steps to update the existing Engineering Lifecycle Management instance secret elm-auth-secret.
    Important: You need to update the secret only if the value of LDAP_PASSWORD or SCIM_PROVIDER_USERID or SCIM_PROVIDER_PASSWORD is changed.
    1. In the Red Hat OpenShift Container Platform web console, go to Workloads > Secrets.
    2. Select the project where you installed the Engineering Lifecycle Management operator from the Project list.
    3. Select elm-auth-secret from the table and click Edit Secret from the Actions drop down.
    4. Update the value for the following attributes and click Save.
      • LDAP_PASSWORD
      • SCIM_PROVIDER_USERID
      • SCIM_PROVIDER_PASSWORD

      For more information, see Creating the Engineering Lifecycle Management instance secret.

  3. Stop and start the JAS application followed by the JTS application. For more information, see Stopping and starting Engineering Lifecycle Management application pods by using ELM Operation instance. Alternatively, you can do the following steps to delete the application pods.
    1. In the Red Hat OpenShift Container Platform web console, go to Workloads > Pods.
    2. Select the project where you installed the Engineering Lifecycle Management instance from the Project list.
    3. The Pods page lists the Engineering Lifecycle Management application pods and Engineering Lifecycle Management operator pod information.
    4. Click the pod name to see the pod details.
    5. Click Delete Pod from the Actions menu.
      The Engineering Lifecycle Management application pod is deleted. The Engineering Lifecycle Management application pod restarts automatically.
  4. Complete the following steps to verify the status of the Engineering Lifecycle Management application.
    1. In the Red Hat OpenShift Container Platform web console, go to Operators > Installed Operators and select the Engineering Lifecycle Management operator.
    2. Go to the ELM tab and select the Engineering Lifecycle Management instance.
    3. On the Details tab, verify the Engineering Lifecycle Management application status in the Applications Events table. It shows the status as Completed and the message as The JTS application is ready. If you see any error message, see the troubleshooting information at Troubleshooting of LDAP configuration update error for an existing Engineering Lifecycle Management instance.
  5. If the updated LDAP configuration contains a different set of users, you must request for the user synchronization or wait for the scheduled user synchronization to run from the JTS administration page. For more information, see Synchronizing LDAP with Jazz Team Server repository user information .
  6. Complete the following steps to verify access to the Engineering Lifecycle Management application by using the updated LDAP configuration.
    1. In the Red Hat OpenShift Container Platform web console, go to Networking > Routes.
    2. Select the project where you installed the Engineering Lifecycle Management instance from the Project list.
    3. Search for the <ELM-application>-route in the Name field and click the URL available in the Location field. The JAS login page opens.
    4. Log in to the JAS application by using your user ID and password. The Engineering Lifecycle Management application opens.
      Important: You must use the login credentials from the updated LDAP configuration.