Quick-reference LDAP worksheet

Checklist of required information and steps to configure a Rational® ClearQuest®

Following is the list of questions you need to ask your LDAP administrator in order to configure a Rational ClearQuest database set for LDAP authentication.

Questions:
  • A. What is the host name of the LDAP server? ________________________
  • B. What is the TCP port number (non-SSL)? ______
  • C. Does the LDAP server allow anonymous searches? ____
  • C1. What is the DN of the search account? _______________________
  • C2. What is the password of the search account? ____________________
  • D. What is the base DN from which to start searching for LDAP user directory entries that correspond to Rational ClearQuest users? ___________________________
  • E. What is the scope of the search from the base DN? ____________
  • F. What is the LDAP attribute that is used to store the user entry login name values? _________________
  • G. What is the LDAP search filter that Rational ClearQuest must use to select the LDAP user entry based on the attribute specified in the previous question? _________________________________
  • H. What is the LDAP attribute of the user entry to be used to map the user to a corresponding Rational ClearQuest user profile record? __________
  • I. What is the login name of a user entry that can be used to validate that Rational ClearQuest can correctly authenticate a user against the LDAP directory? _______________________
  • J. What is the password for the user entry specified in the previous question? __________________

Run the following commands from the directory where Rational ClearQuest is installed (for example, C:\Program Files\Rational\ClearQuest): These commands assume that the answers to the above questions were as shown in the topic Collecting LDAP information. 

  1. installutil setauthenticationalgorithm dbset_name cq_user cq_password CQ_ONLY
  2. installutil setldapinit dbset_name cq_user cq_password "-h <A> -p <B> -D <C1>
 -w <C2>"
  3. installutil setldapsearch dbset_name cq_user cq_password "-s <E> -b <D> <G>"
  4. installutil setcqldapmap dbset_name cq_user cq_password cq_user_field <H>
  5. installutil validateldap dbset_name cq_user cq_password <I> <J>
  6. installutil setauthenticationalgorithm dbset_name cq_user cq_password CQ_FIRST
  7. Set every user's authentication mode by using the User Administration GUI or the SetupCQLDAP.pl script.
  8. Test your database set's LDAP settings by having users log in to Rational ClearQuest by entering the LDAP login name and password.
Parent topic: Setting up LDAP authentication
Related concepts:
LDAP configuration steps for Rational ClearQuest
MultiSite considerations
Common LDAP configurations
Enabling SSL Encryption with GSKit
Configure FIPS 140-2 approved data encryption
Related tasks:
Disabling LDAP authentication
Configuring Rational ClearQuest with LDAP user authentication for TLS 1.2 to support NIST SP 800-131A guidelines
TLS 1.0/1.1 ciphers disabled by default for secure LDAP connections
Related reference:
Collecting LDAP information