How to configure StarTeam to support Active Directory (LDAP) authentication.


Problem:

How to configure StarTeam to support Active Directory (LDAP) authentication.

Resolution:

* Product Name: StarTeam

* Product Version: 2005 R2, 2006

* Product Component: Server

* Platform/OS Version: All Supported StarTeam Server OS


Description:

A common question is whether users can use their Active Directory (AD) domain passwords in StarTeam. Specifically, this article explains how to set up StarTeam for use with an AD/LDAP server.


Answer/Solution:

There are two major steps to complete.

  1. Enable Directory Services in StarTeam Server Administration
    1. Open Server Administration and select the configuration you want to set up for LDAP.
    2. Go to Tools -> Administration -> Configure Server
    3. Log in using Administrator credentials
    4. Select the Directory Service tab.
    5. Check "Enable directory service support"
    6. In the "Host" text field, type in the DNS name or IP address of your AD or LDAP server. Ex: amer.borland.com OR 44.55.66.77
    7. The default secure port is automatically entered for you. Push "Test Settings" to confirm the connection information is valid.
    8. Push OK and restart the StarTeam server configuration.
    9. You will see a line like this in the server log upon restart: "Connected to Active Directory Server: ldaps://amer.borland.com:636."
  2. Download and Install Borland LDAP QuickStart Manager onto any machine. This could be the server machine itself or your workstation. Please visit the main StarTeam Download page for this tool: http://www.borland.com/downloads/download_starteam.html
    NOTE: the following example is for setting up LDAP Authentication with Active Directory.
    1. When QuickStart Manager opens, you must configure the Source and Target settings for your AD LDAP server and your StarTeam server, respectively.
    2. For LDAP:
      1. Go to Configure -> Directory Services/LDIF Files and select "Add"
      2. Enter your company name and the exact same connection settings you entered in step 1 (sub-steps 6 and 7), and push test.
      3. Protocol version is by default 3.
      4. Base DN (Distinguished Name) is the root of the LDAP hierarchy that the QuickStart Manager will attempt to load. If your host was amer.borland.com, your base DN would translate to "DC=amer,DC=borl,DC=net". Contact your help desk if you do not know what to put here.
      5. Mapping is Microsoft Active Directory.
      6. Push OK
      7. Log in by double-clicking the LDAP server you created. Login is your LDAP DN, for example amer\drice; password is the same password you use to log into your workstation.
      8. At this point, you should be able to scan through your OUs (Organizational Units) and find user accounts.
    3. For StarTeam Server:
      1. Go back to Configure -> StarTeam Server Properties and select "Add"
      2. Name can be the name of your StarTeam configuration; host is the StarTeam server machine DNS name or IP address; port is the TCP/IP endpoint for connecting to StarTeam.
      3. You can verify directory services is working by selecting Directory Service Validation and using your login name and password. Ex: drice/mypassword.
      4. Push OK
    4. Use either Import Wizard (second icon on the toolbar, Ctrl W) and follow the dialog, or manually scroll through the LDAP hierarchy on the left and find the users you wish to import. Select them all. Find the StarTeam Group you wish to import the users into. Select this group on the right. Push Import Users (First icon on the toolbar, Ctrl U). Follow the dialog.
    5. NOTE: If the users are to be set up using Borland License Server, don't forget to enter the Slip file ID under License type in the StarTeam Import options dialog.
    6. Push OK
    7. Verify the accounts transferred without Warning or Error in the Message pane in the bottom portion of the utility. Open any StarTeam Client and try to log in. If it's successful, congratulations! If not, please verify the steps above. Go to User Manager in Server Administration and verify that a user is set up to "Validate through directory service" and that their full DN is in the text field. If you continue to have trouble, please contact Borland Support (http://support.borland.com).

CAUTION: IF THE AD/LDAP SERVER IS TAKEN DOWN FOR MAINTENANCE, USERS WILL NOT BE ABLE TO LOG INTO STARTEAM.

CAUTION: NEVER CONFIGURE THE ADMINISTRATOR ACCOUNT TO USE LDAP. USE ONLY LOCAL AUTHENTICATION. If you misplace the administrator password, there will be no way for Borland Support to retrieve it since the password will not be stored in the StarTeam database.
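
A scripted check for the log line from step 1 (sub-step 9), as an added example that is not part of the original article or of Borland's tooling: it confirms that the server connected over ldaps:// to the host and port you configured, so domain passwords are not sent to the directory without TLS. The function name, the sample log lines, and the assumption that other text may precede the message on a log line are constructed for illustration.

```python
from urllib.parse import urlsplit

# Message text quoted in the article; anything before it on the line
# (timestamps, ids) is ignored because the full log format is an assumption.
MARKER = "Connected to Active Directory Server:"

# Constructed sample lines; only the message text comes from the article.
SAMPLE_LOG = [
    "1 2006-03-01 09:00:01 Server starting",
    "2 2006-03-01 09:00:04 Connected to Active Directory Server: "
    "ldaps://amer.borland.com:636.",
]


def check_directory_log(lines, expected_host, expected_port=636):
    """Return (ok, findings) for the most recent directory connect line."""
    url = None
    for line in lines:
        idx = line.find(MARKER)
        if idx != -1:
            rest = line[idx + len(MARKER):].strip()
            # Drop the period or quote that closes the log sentence.
            url = rest.split()[0].rstrip('."') if rest else ""
    if url is None:
        return False, ["no directory-service connection line found"]

    parts = urlsplit(url)
    findings = []
    if parts.scheme.lower() != "ldaps":
        findings.append(f"scheme is {parts.scheme!r}, expected 'ldaps' (TLS)")
    if (parts.hostname or "").lower() != expected_host.lower():
        findings.append(f"host is {parts.hostname!r}, expected {expected_host!r}")
    try:
        port = parts.port
    except ValueError:  # non-numeric or out-of-range port in the logged URL
        port = None
    if port != expected_port:
        findings.append(f"port is {port!r}, expected {expected_port}")
    return not findings, findings


if __name__ == "__main__":
    ok, findings = check_directory_log(SAMPLE_LOG, "amer.borland.com")
    print("OK" if ok else "REVIEW: " + "; ".join(findings))
```

Run it against the server log after each restart of the configuration; any finding means the Directory Service tab settings should be rechecked before users are imported.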


Author: Daniel Rice

Old KB# 28361