Working with User-defined Groups that are Maintained in a Directory Server
Any groups created in a node of a directory server that can be searched by Windchill solution are automatically added to the Windchill database when the node is searched. The name of each Windchill user-defined group object is taken from the cn attribute of the LDAP group entry distinguished name (unless the mapping done in the JNDI adapter specifies a different attribute). This allows you to create groups using the editing tool available through a directory service rather than using the interfaces available in Windchill.
Adding and removing members from a user-defined group can also be accomplished using the editing tool available through a directory service. After updating group membership in the directory service, you can synchronize the team membership with the updated groups as described in
Synchronizing Teams with User-Defined Groups.
When access to Windchill is limited, you can rename a group using the editing tool available through a directory service while maintaining the association of the directory server group with an existing Windchill group; however, the name of the group in the Windchill database cannot be changed to match the name stored in the directory server unless the user has write permission to both the database and the directory server. PTC recommends that you do not rename groups outside of the Participant Administration utility.
Use the following steps to re-establish the connection between an existing Windchill group to an LDAP entry for a user-defined group that has been renamed in your directory server:
1. Limit access to Windchill before renaming the user-defined group.
|
If you do not limit access and someone searches and finds the renamed group or updates the user information for any member of the group, then a new Windchill group object is automatically created for the group. After a new Windchill group is associated with the LDAP entry, you cannot reconnect the renamed group to another Windchill group.
|
2. Rename the user-defined group using the editing tool available through a directory server.
3. From the main Participant Administration table, use Search Disconnected Participants and Reconnect Disconnected Participant actions.
For specific instructions on how to perform these activities, access the help from within the Participant Administration utility.