Step 3: Add KNTAUser Attribute

Adding the KNTAUser attribute to users on an LDAP server is a convenient way to mark users for importing, when LDAP Import PPM User Only is set to Yes. It is not a required step. LDAP Import PPM User Only can be set to No, and the Search Filter field used to query for the attribute of your choice. If LDAP Import PPM User Only is set to Yes on the Import Users report, only the LDAP users with the KNTAUser attribute are imported. To apply the KNTAUser attribute to users on an LDAP server, it is necessary to run a command locally on the server machine.

  1. Log on to the PPM server machine.

  2. Navigate to <PPM_Home>/bin directory, where <PPM_Home> represents the installation path for PPM.

  3. Open a bash shell.

  4. Log on as an LDAP user who has privileges to modify the LDAP schema.

  5. To execute the kLdap.sh command, either:

    • Type kLdap.sh

      A prompt for a number of LDAP server parameters appears. Provide the requested information.

    • Type kLdap.sh -s

      The LDAP parameters are read from the server.conf file and no additional information are requested.

Note: LDAP users can only logon in PPM-only mode if they have a password defined in PPM. Also, if the server is in PPM-only mode, PPM passwords can be set for LDAP users. These passwords are not required.

For more information on the server.conf file, see the Installation and Administration Guide.