About Configuring Additional Enterprise Directories
You can connect to any Version 3 compliant LDAP directory or Microsoft Active Directory Service. If you are already using an enterprise LDAP service, you can continue to use that service to maintain user information. To do this, you can configure Windchill so that it can also access user information by querying entries through a JNDI adapter.
However, Windchill typically does not create, update, or delete entries in an enterprise directory, as that capability might be limited to other parts of the organization. This means that Windchill cannot be used to administer user information in your enterprise LDAP service; you must use separate administration tools instead. However, Windchill must have the ability to update group information ; therefore, these must be stored in an LDAP server. For Windchill to be able to update group information where the group is stored in the directory server, it should be stored in the writable LDAP. Alternatively, the group can be stored in the database. As a result, in this scenario you would maintain two different LDAP directories in support of Windchill.
Before You Begin
Before you begin, you should have:
Installed and configured the LDAP directory that you intend to connect to Windchill. For more information, see Entering Your LDAP Settings.
These guides are available from the PTC Reference Documents site:
To connect an existing LDAP directory to Windchill, complete the following tasks. Where applicable, explicit instructions for a Microsoft Active Directory have been provided. Otherwise, the instructions apply to any LDAP directory:
1. Create a JNDI adapter entry for your directory and set additional properties: Create and Configure the JNDI Adapter
2. Create a repository definition that informs Windchill how to query and manage information in the directory: Create a Repository Definition
3. Identify the directory in Windchill by modifying the wt.properties file: Modify the wt.properties File
4. Set administrative access control privileges for the directory by modifying the MapCredentials.xml file: Set Authentication in the MapCredentials.xml File
5. Update your HTTP Server configuration: Update the HTTP Server Configuration
6. Restart Windchill servers and verify the changes: Verify Your Changes.
7. Ensure that LDAP attribute values are mapped correctly: User and Group LDAP Attribute Value Mapping
Было ли это полезно?