cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Community Tip - Learn all about PTC Community Badges. Engage with PTC and see how many you can earn! X

Translate the entire conversation x

PDMLink disconnected users

Go to solution
TJ_10505309
6-Contributor
6-Contributor
‎Sep 13, 2025 03:56 PM
‎Sep 13, 2025 03:56 PM

PDMLink disconnected users

Article cs366586 refers to creating 2 mapping xml files. When I run the windchill wt.org.util.ReconnectPrincipalsUtility command below, it errors with mapping file not found. I assume that both the dnMapping and adapterMapping files need to be placed in a $WT_HOME directory before running the windchill comand. Can someone give advice on where these should be placed and if any wt.properties need to be set

 

Thanks in advance TJ

 

<dnMapping>\n

       <reconnect>\n

            <sourceDN>uid=$email,ou=<>,cn=<>,cn=<>,o=ptc<sourceDN>\n";

           <targetDN>uid=$email,ou=users,dc=xxxxxxx=,dc=okta,dc=com</targetDN>\n";

       <reconnect>\n

<dnMapping>\n

 

<adapterMapping>

           <sourceAdapter>net.company.InternalLdap</sourceAdapter>

           <targetAdapter>net.company.EnterpriseLdap</targetAdapter>

</adapterMapping>

 

windchill wt.org.util.ReconnectPrincipalsUtility [-u "wc_admin" ] [-p "xxxxxxxxx" ] [-f "/home/xxxx/mapping.xml"] [-d] [-h]

0 Kudos
Notify Moderator
ACCEPTED SOLUTION

Accepted Solutions
mmeadows-3
16-Pearl
16-Pearl
(To:TJ_10505309)
‎Sep 13, 2025 08:31 PM
‎Sep 13, 2025 08:31 PM

It looks like you are at the end of an upgrade, moving away from WindchillDS to the corporate LDAP.
 
I used this utility to migrate users once.  Here is an example of the command for mapping user DNs.  The file doesn't have to be in the the Windchill load point.
windchill wt.org.util.ReconnectPrincipalsUtility -u wcadmin -p {password} -f D:\PTC\ParticipantsMap.xml
 
This is the syntax of ParticipantsMap.xml where <reconnect> can be repeated as many times as needed.
<dnMapping>
<reconnect>
<sourceDN>uid=$email,ou=<>,cn=<>,cn=<>,o=ptc</sourceDN>
<targetDN>uid=$email,ou=users,dc=xxxxxxx=,dc=okta,dc=com</targetDN>
</reconnect>
</dnMapping>
 
The <adapterMapping> is only necessary when migrating the user from one JNDI Adapter to another and I haven't needed it.  I'm guessing you would run the adapter mapping as a separate file.
windchill wt.org.util.ReconnectPrincipalsUtility -u wcadmin -p {password} -f D:\PTC\AdaptersMap.xml
 
And the AdaptersMap.xml would look like this.
<adapterMapping>
<sourceAdapter>net.company.InternalLdap</sourceAdapter>
<targetAdapter>net.company.EnterpriseLdap</targetAdapter>
</adapterMapping>

 

The fun part is mapping source to target DNs for hundreds or thousands of users.

-- Get source DNs (DB query)
select wtu.name, wtu.email, roid.remoteObjectId from WTUser wtu, RemoteObjectInfo roin, RemoteObjectId roid where wtu.idA2A2=roin.idA3A3 and roin.remoteId=roid.idA2A2 order by email;
 
# Get target DNs (Powershell)
Get-ADUser -Filter 'objectClass -eq "user" -and memberOf -eq "{DN of Windchill filter group}"' -SearchBase "{search base}" | Format-Table sAMAccountName,userPrincipalName,DistinguishedName -A
 

I put the values in Excel and align old and new values. Sometimes user's name or email attributes match or follow a consistent pattern between LDAP servers.  Sometimes it gets very tedious.  There is a way to export Excel to structured XML.  I did it once, but can't find my template file now.


In most cases I've found it quicker and easier to just update all the users with a DB query.  The <dnMapping> just updates the RemoteObjectId.remoteObjectId value.   Each sourceDN/targetDN pair is equivalent to this database update line.

-- Update one entry at a time.
update RemoteObjectId set remoteObjectId='uid=$email,ou=users,dc=xxxxxxx=,dc=okta,dc=com' where remoteObjectId='uid={userPrincipalName},ou=<>,cn=<>,cn=<>,o=ptc';

Or, when the DN structure changes are consistent...

-- Replace 'ou=<>,cn=<>,cn=<>,o=ptc' with 'ou=<>,cn=<>,cn=<>,o=ptc','ou=users,dc=xxxxxxx=,dc=okta,dc=com'
update RemoteObjectId set remoteObjectId=replace(remoteObjectId,'ou=<>,cn=<>,cn=<>,o=ptc','ou=users,dc=xxxxxxx=,dc=okta,dc=com') where remoteObjectId like '%,ou=<>,cn=<>,cn=<>,o=ptc';

 
Maybe someone else can respond with a full example for you.

View solution in original post

Notify Moderator
3 REPLIES 3
mmeadows-3
16-Pearl
16-Pearl
(To:TJ_10505309)
‎Sep 13, 2025 08:31 PM
‎Sep 13, 2025 08:31 PM

It looks like you are at the end of an upgrade, moving away from WindchillDS to the corporate LDAP.
 
I used this utility to migrate users once.  Here is an example of the command for mapping user DNs.  The file doesn't have to be in the the Windchill load point.
windchill wt.org.util.ReconnectPrincipalsUtility -u wcadmin -p {password} -f D:\PTC\ParticipantsMap.xml
 
This is the syntax of ParticipantsMap.xml where <reconnect> can be repeated as many times as needed.
<dnMapping>
<reconnect>
<sourceDN>uid=$email,ou=<>,cn=<>,cn=<>,o=ptc</sourceDN>
<targetDN>uid=$email,ou=users,dc=xxxxxxx=,dc=okta,dc=com</targetDN>
</reconnect>
</dnMapping>
 
The <adapterMapping> is only necessary when migrating the user from one JNDI Adapter to another and I haven't needed it.  I'm guessing you would run the adapter mapping as a separate file.
windchill wt.org.util.ReconnectPrincipalsUtility -u wcadmin -p {password} -f D:\PTC\AdaptersMap.xml
 
And the AdaptersMap.xml would look like this.
<adapterMapping>
<sourceAdapter>net.company.InternalLdap</sourceAdapter>
<targetAdapter>net.company.EnterpriseLdap</targetAdapter>
</adapterMapping>

 

The fun part is mapping source to target DNs for hundreds or thousands of users.

-- Get source DNs (DB query)
select wtu.name, wtu.email, roid.remoteObjectId from WTUser wtu, RemoteObjectInfo roin, RemoteObjectId roid where wtu.idA2A2=roin.idA3A3 and roin.remoteId=roid.idA2A2 order by email;
 
# Get target DNs (Powershell)
Get-ADUser -Filter 'objectClass -eq "user" -and memberOf -eq "{DN of Windchill filter group}"' -SearchBase "{search base}" | Format-Table sAMAccountName,userPrincipalName,DistinguishedName -A
 

I put the values in Excel and align old and new values. Sometimes user's name or email attributes match or follow a consistent pattern between LDAP servers.  Sometimes it gets very tedious.  There is a way to export Excel to structured XML.  I did it once, but can't find my template file now.


In most cases I've found it quicker and easier to just update all the users with a DB query.  The <dnMapping> just updates the RemoteObjectId.remoteObjectId value.   Each sourceDN/targetDN pair is equivalent to this database update line.

-- Update one entry at a time.
update RemoteObjectId set remoteObjectId='uid=$email,ou=users,dc=xxxxxxx=,dc=okta,dc=com' where remoteObjectId='uid={userPrincipalName},ou=<>,cn=<>,cn=<>,o=ptc';

Or, when the DN structure changes are consistent...

-- Replace 'ou=<>,cn=<>,cn=<>,o=ptc' with 'ou=<>,cn=<>,cn=<>,o=ptc','ou=users,dc=xxxxxxx=,dc=okta,dc=com'
update RemoteObjectId set remoteObjectId=replace(remoteObjectId,'ou=<>,cn=<>,cn=<>,o=ptc','ou=users,dc=xxxxxxx=,dc=okta,dc=com') where remoteObjectId like '%,ou=<>,cn=<>,cn=<>,o=ptc';

 
Maybe someone else can respond with a full example for you.
Notify Moderator
MTH
10-Marble
10-Marble
(To:TJ_10505309)
‎Sep 15, 2025 10:46 AM
‎Sep 15, 2025 10:46 AM

 The load files could be placed anywhere as long as you provide the absolute path in the command line

Notify Moderator
vnamboodheri
Moderator
Moderator
(To:TJ_10505309)
‎Sep 19, 2025 02:01 AM
‎Sep 19, 2025 02:01 AM

Hello @TJ_10505309

 

It looks like you have some responses from some community members. If any of these replies helped you solve your question please mark the appropriate reply as the Accepted Solution. 

Of course, if you have more to share on your issue, please let the Community know so other community members can continue to help you.

Thanks,
Vivek N.
Community Moderation Team.

0 Kudos
Notify Moderator
Announcements
Contact Community Management
Top Tags