Hello @HJ1 

It looks like you have a response from a community member. If it helped you solve your question please mark the reply as the Accepted Solution. 

Of course, if you have more to share on your issue, please let the Community know so other community members can continue to help you.

Thanks,

Vivek N
Community Moderation Team.

It really depends on how you are planning to integrate with LDAP in 12.0 and later.  If this is an upgrade from pre-12.0 to 12.1 or later, you can/need to use PTC's WindchillDS through the upgrade process.  The upgrade manager will handle all updates and pointers for WindchillDS.  At the end of the upgrade, there should not be any disconnected participants.  If so, someone probably made the wrong picks in the upgrade manager.

Prior to upgrade, on the upgrade source, are you running WinDU's "Upgrade Property Viewer" task to generate the input values for the upgrade manager?  This will generate the correct LDAP settings.  Just copy the output file (...\Windchill_11.0\Windchill\Upgrade\ReviewedSourceUpgrade.properties) to the upgrade target (...\Windchill_11.0\Windchill\Upgrade\UpgradePhases\GatherUpgradeProperties\upgradeUser.properties) before upgrade.  That 'should' provide a clean upgrade for the LDAP entries.

I've seen upgrades go sideways where all the users were left in an old LDAP structure (e.g. ...,OU=people,DN=Windchill_10.2,...) when they should have been moved to the target release LDAP structure (e.g. ...,OU=people,DN=Windchill_12.1,...).  I don't recall the bad picks in the upgrade manager that caused this.  I just manually manipulate WindchillDS post-upgrade using Apache Directory Studio to correct the issue and update all the DNs in the Windchill database to correct the issue.  If just the DN is changing, this one liner can fix it.

update RemoteObjectId set remoteObjectId=replace(remoteObjectId,',cn=windchill_10.2,o=ptc',',cn=windchill_11.1,o=ptc') where path like '%,cn=windchill_10.2,o=ptc';

If the JNDI Adapter is changing, the database change are more extensive.

After reaching your target release (post 12.0), integrate with the chosen LDAP going forward (not WindchillDS) and redirect all LDAP entries to the chosen LDAP.  This is more tedious (https://www.ptc.com/en/support/article/CS109367), but it is a one-time task.  Future upgrades won't manipulate user accounts.  I manually repair the default Windchill site administrator to the corporate LDAP server first.  Then, once Windchill starts, I login as the site administrator, search disconnected participants, and repair the others.  If there are hundreds or thousands of users, I do the repairs at the DB level, following the article, and then search disconnected participants to ensure they are really repaired.

What LDAP are you planning to use post-upgrade: a corporate LDAP like Active Directory, a Windchill dedicated read-write LDAP like OpenDJ, multiple LDAP servers?  @rleir mentioned 389DS because that is what PTC uses internally to support their hosted offering.  Most customers with a Windchill dedicated LDAP are using OpenDJ because that is the source code for PTC's WindchillDS.  However, PTC supports using any L3 compliant LDAP.  They do not support the LDAP products themselves, just integrating with them.  Most companies are switching to the corporate LDAP (usually Active Directory), and a few have a mixed environment of corporate and Windchill dedicated LDAPs.

Hello,

You need to import the DS backup to the New Upgraded Machine properly.

Check this below point. This might resolve the issue.

1. DS is not imported Properly.

2. Check if the user's are deleted from LDAP Directly.

3. Check Personal cabinet administrator.

4. Check participate Administrator> Action> Disconnect the User