Common LDAP configurations

You can configure Rational® ClearQuest® LDAP authentication in a variety of ways. This topic describes three common configurations and shows examples of the installutil subcommand entries used to achieve the configurations.

Attention: When you configure a Rational® ClearQuest® user database set for LDAP authentication, the name that users enter at the Rational® ClearQuest® Login window can represent values other than the Rational® ClearQuest® user profile Login name field value (CQ_LOGIN_NAME). If you choose a configuration with a different value, the Login name field does not represent the name that users enter in the Rational® ClearQuest® Login window. If your user database set uses any Perl or Visual Basic scripts that assume that the Login name field (that is, the value returned by $UserObject->Name or $SessionObject->GetLoginName) represents the name that users enter in the Rational® ClearQuest® Login window, you may need to modify those scripts to ensure that they work correctly.

Log in using user login name; map CQ_LOGIN_NAME to %login%

The following installutil subcommands configure a database set so that users log in to Rational® ClearQuest® by entering their user names in the Rational® ClearQuest® Login window. In the LDAP directory, the uid attribute stores the user names. The installutil setcqldapmap subcommand identifies CQ_LOGIN_NAME as the Rational® ClearQuest® user profile mapping field. In place of a mapping LDAP attribute, the subcommand uses %login%, which resolves to the string that the user enters in the Rational® ClearQuest® Login window User Name field.

installutil setauthenticationalgorithm 7.0.0 admin adminPW CQ_ONLY
installutil setldapinit 7.0.0 admin adminPW "-h ourldapserver.ourcompany.com"
installutil setldapsearch 7.0.0 admin adminPW "-s sub -b ou=my_dept,
dc=ourcompany,dc=com (&(objectclass=inetOrgPerson)(uid=%login%))"
installutil setcqldapmap 7.0.0 admin adminPW CQ_LOGIN_NAME %login%
installutil validateldap 7.0.0 admin adminPW test_user testPW
installutil setauthenticationalgorithm 7.0.0 admin adminPW CQ_FIRST

Log in using e-mail address; map CQ_EMAIL to mail

The following installutil subcommands configure a database set so that users log in to Rational® ClearQuest® by entering their e-mail addresses in the Rational® ClearQuest® Login window. In the LDAP directory, the mail attribute stores users' e-mail addresses. The installutil setcqldapmap subcommand identifies CQ_EMAIL as the Rational® ClearQuest® user profile mapping field, and mail as the mapping LDAP attribute.

installutil setauthenticationalgorithm 7.0.0 admin adminPW CQ_ONLY
installutil setldapinit 7.0.0 admin adminPW "-h ourldapserver.ourcompany.com"
installutil setldapsearch 7.0.0 admin adminPW "-s sub -b ou=my_dept,
dc=ourcompany,dc=com (&(objectclass=inetOrgPerson)(mail=%login%))"
installutil setcqldapmap 7.0.0 admin adminPW CQ_EMAIL mail
installutil validateldap 7.0.0 admin adminPW test_user@ourcompany.com testPW
installutil setauthenticationalgorithm 7.0.0 admin adminPW CQ_FIRST

Log in using badge number; map CQ_MISC_INFO to uid

The following installutil subcommands configure a database set so that users log in toRational® ClearQuest® by entering their badge numbers in the Rational® ClearQuest® Login window. In the LDAP directory, the uid attribute stores users' badge numbers. The installutil setcqldapmap subcommand identifies CQ_MISC_INFO as the Rational® ClearQuest® user profile mapping field, and uid as the mapping LDAP attribute. In the Rational® ClearQuest® User Administration Tool, the Description field is the CQ_MISC_INFO field. Because Rational® ClearQuest® user profile records do not contain a field for badge number or employee number, CQ_MISC_INFO is useful for storing such information.

installutil setauthenticationalgorithm 7.0.0 admin adminPW CQ_ONLY
installutil setldapinit 7.0.0 admin adminPW "-h ourldapserver.ourcompany.com"
installutil setldapsearch 7.0.0 admin adminPW "-b ou=my_dept,o=ourcompany.com uid=%login%"
installutil setcqldapmap 7.0.0 admin adminPW CQ_MISC_INFO uid
installutil validateldap 7.0.0 admin adminPW 1D1758897 testPW
installutil setauthenticationalgorithm 7.0.0 admin adminPW CQ_FIRST