Question & Answer
How can you tell if the given LDAP parameters are accurate to complete the IBM Rational Jazz Team Server (JTS) LDAP configuration?
The Jazz Team Server relies on the user registry to provide basic information about users and groups. When configuring the Jazz Team server to use a LDAP server to act as the user registry, you will be asked to provide a list of parameters (properties) such as Base User DN, Base Group DN, Group Name property and Group Member property, to complete the setup.
Usually you will collect these parameters from your LDAP Administrator. In the case that you are not sure if the value of these given parameters are accurate, or you are getting errors/warnings indicating some of the value is incorrect during the setup, you can use a third party LDAP browser to verify their accuracy.
This technote is based on third party software named: Softerra LDAP Browser. You can always choose a different LDAP browser to achieve the same results.
Alternative LDAP browsers which you can use:
IBM is not providing program services of any kind for this program. Making use of the Information provided in this technote is done at the user's own risk.
- Download, install and launch Softerra LDAP Browser. You can download it from the following site download page.
- Create a profile for your LDAP server to verify LDAP Registry Location, User Name, Password, Base User DN. To create the profile follow follow the instruction under the help menu of Softerra. Input the above parameters in the profile creation wizard accordingly as the following:
- Host: Extract the host name from LDAP Registry Location parameter, for example:
- Port: Extract the port number from LDAP Registry Location parameter, for example
- Base DN: key in the value of the Base User DN parameter
- User DN: User Name
- Password: Password
Save the profile and connect to your LDAP server by double clicking on the profile. If you can connect, that means the value of the above giving LDAP parameters are accurate. Otherwise, base on the errors you get, contact your LDAP Administrator to follow up.
userId=uid,name=cn,emailAddress=mail. That assumes your LDAP user record has the attributes of uid, cn and mail representing userID, common name and emailAddress. To verify these attributes exist in your LDAP user record, follow the steps below to search for your own LDAP ID, then examine all the attributes there to ensure the above given attributes exist.
- click on Tools > Directory Search from Softerra LDAP browser.
- Type in the value of the Base User DN property into the Search DN box.
(cn=your common name)in the Filter box and click on Search button. It should find your LDAP user record, double click to open it, and you should see all the attributes within the record. Verify the above attributes exist.
- Click on Tools > Directory Search from Softerra LDAP browser.
- Type in the value of Base Group DN in the Search DN box
(cn=your ldap group)in the Filter box
- If the group can be found, that means the Base Group DN has correct value
cn. That assumes your LDAP group record has an attribute named cn represent the name of the group. To verify this attribute exist, follow the steps in step 4 above to search for your LDAP group, open it to verify the
members. That assumes your LDAP group record has an attribute named members representing member of the group. To verify this attribute exist, follow the steps in session C above to search for your LDAP group, open it to verify the members attribute exist.
The Jazz based products have an active community that can provide you with additional resources. Browse and contribute to the User forums, contribute to the Team Blog and review the Team wiki.
16 June 2018