• No results found

Quality Center LDAP Guide

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Quality Center LDAP Guide"

Copied!
10
0
0

Loading.... (view fulltext now)

Download now ( 10 Page )

Full text

(1)

Information Services Quality Assurance

Quality Center LDAP Guide

Version 1.0

(2)

Quality Center LDAP Guide Page 2 of 10

Lightweight Directory Access Protocol( LDAP) authentication facilitates single sign on by

synchronizing Quality Center (QC) user passwords with user passwords set in Active Directory

(AD). When a user logs into QC, a connection is acquired with the LDAP server, and the QC

username and password is verified against the AD username and password.

LDAP Authentication Configuration for Import

The purpose of the import is to verify and import Site User credentials.

1. Login to QC Site Administration.

2. Select “Site Users” tab.

3. Select “User Settings” icon downarrow to display setting options.

4. Select “Authentication Settings”. Enter/Verify authentication settings.

When LDAP is enabled, the Authentication type button should be set to “LDAP”. Select the “Test Connection” button to verify communication with the LDAP server. Once connection is

successful, select “OK” to close the dialogue window.

5. Select LDAP Import Settings.

(3)

Quality Center LDAP Guide Page 3 of 10 6. Enter/Verify LDAP Import settings.

7. Select the “Next>” button.

8. Select the “Advanced Button”. The default settings for Import Field Mappings will display.

Ldap://XXXXX

Domain\username

XXXXX

(4)

Quality Center LDAP Guide Page 4 of 10 9. Delete all field mapping values except the “User name”.

10. Select Finish.

11. Value the following QC parameters:

(5)

Quality Center LDAP Guide Page 5 of 10

Set LDAP_SEARCH_USER_CRITERIA parameter = username Set “LDAP_TIMEOUT” parameter = 5. Default is 10 minutes.

Set PASSWORD_RESET_DISABLE = “Y” to disable the password reset option.

Set PASSWORD_RESET_UNAVAILABLE_MESSAGE to “Password reset is not available with LDAP authentication. Please contact your Quality Center system administrator at ext.“Fill in with Administrator‟s phone extension.”

Once the authentication type is set in QC Site Administration, the parameters are saved to the QC database. If there are login or LDAP verification issues, and the Authentication type needs to be changed, the database administrator should make the following database changes:

In qcsiteadmin_db databse, find the PARAMS table.

Look for the record where PARAM_NAME = „AUTHENTICATION‟. Change the PARAM_VALUE to „QualityCenter‟.

Look for the records where PARAM_NAME starts with „LDAP‟, and delete all of them except one „LDAP_SEARCH_USER_CRITERIA‟.

The QC system Administrator should restart the Quality Center service and test for login.

(6)

Quality Center LDAP Guide Page 6 of 10

New User Import from AD

Users are authenticated against AD via LDAP as part of the QC login process, so all QC user

logins must have an authenticated domain entry in the QC site users table. Use this only for

users that don‟t exist in QC yet. When an import is done, it replaces existing user profile fields,

which may be undesirable.

1. Verify user does not exist in the Quality Center Site User list.

2. Create Active Directory User Report:

Logon to Quality Center server Select “Start > Command Prompt”

XXXXX >QualityCenter.csv] to the command line. Exclude brackets when copying the command.

The report produces a csv file with username, full name, and domain name.

3. Use the Active Directory User Report to obtain the QC user domain names. The domain name format is:

CN=XXX,OU=XXX,OU=XXX,OU=XXX,DC=XXXXX,DC=XXX

LDAP

TERMINOLOGY

LDAP DESCRIPTION TRANSLATION

CN common name Username

OU organizational unit Department

DC domain components Node in the domain tree structure

4. Login to Site Administration

5. Set LDAP Import Settings. Settings can be adjusted to import Username, Fullname, Description, E- mail, and Phone. Username is the minimum requirement. (See page 3 – LDAP Import Settings).

6. Select “Site Users” tab.

(7)

Quality Center LDAP Guide Page 7 of 10 7. Select “Import LDAP Users“ icon.

8. The directory base is not valued.

9.

Reference the user‟s domain name

(e.g.

CN=XXX,OU=XXX,OU=XXX,OU=XXX,DC=XXX,DC=XXX

10. Select appropriate domain name components. (Check the CN (username) box.)

11. Select the Import button.

12. QC will import fields based on import authentication field settings. When duplicates exist, it will prompt for actions to:

Skip – record will not be imported

Update – this will overwrite QC fields with the AD fields used for authentication Rename user – another record will be created in QC for the user - do not use.

Append to existing username – appends suffix to existing username - do not use.

13. Update QC user profile fields as required.

14. Proceed to add user to the appropriate projects in Site Administration.

15. Login to the project and add user to the appropriate group(s).

Add a New User without Import

1. Verify user does not exist in the Quality Center Site User list.

2. Create Active Directory User Report:

The report produces a csv file with username, full name, and domain name.

(8)

Quality Center LDAP Guide Page 8 of 10

Use the Active Directory User Report to obtain the QC user domain names. The domain name format is:

CN=XXX,OU=XXX,OU=XXX,OU=XXX,DC=XXX,DC=XXX

LDAP

TERMINOLOGY

LDAP DESCRIPTION TRANSLATION

CN common name Username

OU organizational unit Department

DC domain components Node in the domain tree structure

3. Log into Site Administration 4. Select “Site Users” tab.

5. Select “Add new user”.

(9)

Quality Center LDAP Guide Page 9 of 10

6. Enter as much data as possible. Copy the Domain Authentication string from the Active Directory User report into the Domain Authentication field.

7. Add user to appropriate projects in Site Administration and to the appropriate groups in each project.

8. When the user logs in, the username and password will be authenticated against Active Directory.

Update Existing User’s Domain

Create Active Directory User Report:

Logon to Quality Center server Select “Start > Command Prompt”

>QualityCenter.csv] to the command line. Exclude brackets when copying the command.

The report produces a csv file with username, full name, and domain name.

Use the Active Directory User Report to obtain the QC user domain names. The domain name format is:

CN=XXX,OU=XXX,OU=XXX,OU=XXX,DC=XXX,DC=XXX

(10)

Quality Center LDAP Guide Page 10 of 10

LDAP

TERMINOLOGY

LDAP DESCRIPTION TRANSLATION

CN common name Username

OU organizational unit Department

DC domain components Node in the domain tree structure

1. Log into Site Administration.

2. Select “Site Users” tab.

3. Select Site User.

4. Copy the Domain Authentication string into the Domain Authentication field, and change string components as required. Save the user detail changes.

5. When the user logs in, their username will be authenticated against AD based on the domain authentication entry in User Details.

References

Download now ( PDF - 10 Page - 279.71 KB )

Related documents