About Configuring Additional Enterprise Directories
You can connect to any Version 3 compliant LDAP directory or Microsoft Active Directory Service. If you are already using an enterprise LDAP service, you can continue to use that service to maintain user information. To do this, you can configure Windchill so that it can also access user information by querying entries through a JNDI adapter.
However, Windchill typically does not create, update, or delete entries in an enterprise directory, as that capability might be limited to other parts of the organization. This means that Windchill cannot be used to administer user information in your enterprise LDAP service; you must use separate administration tools instead. However, Windchill must have the ability to update group information ; therefore, these must be stored in an LDAP server. For Windchill to be able to update group information where the group is stored in the directory server, it should be stored in the writable LDAP. Alternatively, the group can be stored in the database. As a result, in this scenario you would maintain two different LDAP directories in support of Windchill.
Before You Begin
Before you begin, you should have:
• Installed and configured the LDAP directory that you intend to connect to Windchill. For more information, see
Entering Your LDAP Settings.
These guides are available from the PTC Reference Documents site:
To connect an existing LDAP directory to Windchill, complete the following tasks. Where applicable, explicit instructions for a Microsoft Active Directory have been provided. Otherwise, the instructions apply to any LDAP directory: