Specifying user authentication

Rational® ClearQuest® offers two methods of user authentication. You can use traditional Rational ClearQuest authentication or use the industry standard Lightweight Directory Access Protocol (LDAP) to authenticate using an LDAP directory server. With Rational ClearQuest authentication, a user enters a user name and password to log on, andRational ClearQuest verifies that they match a user name and password stored in the Rational ClearQuest database set (schema repository). With LDAP authentication, a user enters a user name and password in the same Rational ClearQuest Login window and Rational ClearQuest checks an LDAP directory for a matching user record.

To authenticate users against the Rational ClearQuest database set, use the User Administration Tool to enter and manage user name and password information.

To authenticate users against an LDAP-compliant directory, use the user names and passwords that are maintained in the directory. Using LDAP authentication can decrease administration and user support costs by reducing the number of passwords that users have to remember. LDAP can also improve security by enforcing the password management policies implemented in the directory.

Regardless of the type of authentication (LDAP or Rational ClearQuest) that you use, Rational ClearQuest performs the authorization. That is, information in the Rational ClearQuest database is used to determine user database access and group participation. Use the User Administration Tool to specify authorization information and to maintain user profiles.