Cancel
Showing results for 
Search instead for 
Did you mean: 

Teamcenter Security Services with Kerberos - possible to use different ldap attribute as username?

Siemens Phenom Siemens Phenom
Siemens Phenom

Hi experts,

 

in the very good old days with Teamcenter 8.3, I was able to use sAMAccountName to login to the LoginService and use a different ldap property to use as a Teamcenter username.

therfor I had to configure a different "User name attribute" for the line of my application in the application registry table. next to that I had to set the switch "ApplicationAliasEnabled" from false to true in IdentityService context parameters...

 

today I face a usecase where customer would like to implement security services and has all their users created with their "SAP user id" (different that the windows-user-id) as user id in teamcenter (instead of sAMAccountName)...

 

With Tc11.4.0.12 I tried to use this other ldap attribute, but I can't login to teamcenter, in the tcserver-syslogs I see that the user with "sAMAccountName" tries to login (which files, because the username does not match) - but I'd like to see that it uses the other ldap attribute...

 

Was anyone able to configure such a usecase with a recent (>= Tc11.3) version?

 

Thanks,

Markus

3 REPLIES 3

Re: Teamcenter Security Services with Kerberos - possible to use different ldap attribute as usernam

Siemens Genius Siemens Genius
Siemens Genius

Hi Markus,

 

Is it something about this pref?

Just wild guessing :-)

 

This is TC 12.2

 

ldap.png

 
 
 

 

 

Best regards,
Miloslav Weitz, Siemens PLM Software
Production: Teamcenter 11.5, NX 12, Geolus 9.1
Development: N/A Testing: Teamcenter 12.2, NX 1880, Geolus 10.0

Re: Teamcenter Security Services with Kerberos - possible to use different ldap attribute as usernam

Siemens Phenom Siemens Phenom
Siemens Phenom

sorry, no...

that's when you try to sync Active Directory Organization with Teamcenter Organization...

Re: Teamcenter Security Services with Kerberos - possible to use different ldap attribute as usernam

Siemens Phenom Siemens Phenom
Siemens Phenom
since no one knows I try to create an IR with GTAC...
hopefully they understand what I want to accomplish ;)