Highlighted
Respected Contributor.. Jim Hazen Respected Contributor..
Respected Contributor..
617 views

Performance Center/ALM 12.53 - Convert to LDAP Authentication -- Order of steps

I'm getting ready to convert the PC/ALM 12.53 system to use LDAP Authentication.  I've setup/configured the LDAP Settings information in Site Admin as per the information from the online admin guide.  The defined LDAP Server verifies without problems.  I can get into the Import LDAP User By Keyword functionality and search successfully for a user (the Import Users from LDAP Directory Tree doesn't allow me to go deep enough to see users names to select).  So it seems to be all talking fine between ALM and LDAP server.

My question is what to do next.  What is the order of steps to follow to get the SiteAdmin account imported (and other users) and then turn on the LDAP Authentication?

Looking at the online documentation I've come up with an order like this:

  1. Setup LDAP Settings information and test connection.  Save if successful.
  2. Import the LDAP information for the existing SiteAdmin (Super User) account.
  3. Enable the Authentication Settings for LDAP (on the Authentication Settings dialog)
  4. Import the other user accounts for their LDAP equivalent accounts.

Does this process look valid?  Should I import all the users (including other Project Admin type accounts) before turning on the LDAP Authentication.  Any insights and/or help is appreciated.  Thanks.

Jim

Tags (1)
0 Likes
2 Replies
Respected Contributor.. Jim Hazen Respected Contributor..
Respected Contributor..

Re: Performance Center/ALM 12.53 - Convert to LDAP Authentication -- Order of steps

Found out the following.

Have 2 SiteAdmin sessions (different browser sessions, and possibly on two different machines) open with one logged in with a backup site admin account and the other the super user site admin created during install.  In the one with the backup turn on the LDAP Authentication and import the backup site admin user.  Logout and log back in to SiteAdmin to validate the conversion is correct.  Then login to a project with the back up user to make sure the change has rippled to the project level.  Be sure to leave the session with the super user admin account open the whole time.  This is so if things go sideways you can go change things back via that session. 

Once your backup site admin account is all checked out then convert the super user admin account.  Logout and back in with your LDAP credentials on the session where you had the backup admin logged in to make sure it is all correct.  Keep the original super user admin session open.  If the super user admin account is all correct then you can close the original session and proceed to import/convert other user accounts.

The trick is having the two sessions running in case the one where you do the change/conversion causes problems.  You have another admin session running and can back things out if needed.

Shlomi Nissim Acclaimed Contributor.
Acclaimed Contributor.

Re: Performance Center/ALM 12.53 - Convert to LDAP Authentication -- Order of steps

Impressive Jim. I must admit I didn't know that myself. Seems like you got that figured out.

Let us know if you need further help, I will ask ALM team to assist.

Thanks,

Shlomi

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.