ETLDAP utility

You can use the ETLDAP utility to add LDAP (Lightweight Directory Access Protocol) users to IBM® TM1® Server when you use TM1 Server with Integrated Login and LDAP authentication.

Note: You can only use the ETLDAP utility to add new LDAP users to TM1 Server. ETLDAP does not modify, update or delete existing users in TM1 Server.

ETLDAP, an LDAP load tool, provides the following functionality:

  • Extracts user information from an LDAP or Active Directory server.
  • Creates the element UniqueID in the }ClientProperties dimension.
  • Adds users to the }ClientProperties cube.
  • Populates the UniqueID field in the }ClientProperties cube with the domain-qualified user name of the user you add to TM1 database. For example, ETLDAP writes the name robert@company.com to the }ClientProperties cube.

As the TM1 administrator, you can perform these tasks using ETLDAP:

  • Add many user names from an LDAP server to the TM1 database quickly.
  • Migrate information from a legacy LDAP database to TM1.
  • Perform one or more queries to specify the users you want to create in TM1 Server, and then export the users into the TM1 security cubes.
  • Update TM1 with new users that have been added to the LDAP server since the initial load of user data into TM1.
Note: The ETLDAP utility is not available when the IBM TM1 Server is configured to use one of the following Integrated Security Modes:
  • Integrated Security Mode 3 - Integrated Login
  • Integrated Security Mode 5 - IBM Cognos® Analytics authentication

However, you can use ETLDAP to prepare your user and security data for Integrated Security Mode 3 server operation. In this case, you must configure your server to use Integrated Security Mode 1 or 2 while using the ETLDAP utility. Then, after all user and security data has been prepared, you must reconfigure your server to use Integrated Security Mode 3 during normal operation.

See IntegratedSecurityMode for more information about Integrated Security Mode options.