Summary
For various reasons it may be necessary to restrict access to the OTA API in ALM
Question
For various reasons it may be necessary to restrict access to the Open Test Architecture (OTA) API in Appliation Lifecycle Management (ALM).
Answer
To restrict OTA API access the ALM client should be installed in isolated mode and not registered.
Because an isolated (non-registered) install does not register the OTAClient.dll file, OTA access is not programmatically possible.
Because an isolated (non-registered) install does not register the OTAClient.dll file, OTA access is not programmatically possible.
If the ALM client was installed using a .msi file and is currently registered it will be necessary to uninstall the client by running the .msi again and selecting the “Remove” option.
Follow this by running the ALM Client Uninstaller which can be downloaded from http://support.microfocus.com/kb/kmdoc.php?id=KM1400068
If the ALM Client was installed and registered using the browser push then uninstall the client using http://support.microfocus.com/kb/kmdoc.php?id=KM1400068
To install the client in isolated mode (non-registered) using the browser-push use the following URL example:
Do not use “http:// <server_name>:<port>/qcbin/start_a.jsp?common=true” as this will register the client.
If using the ALM MSI Generator be sure to not check the “Include Component Registration” check box. By doing this the client will not be registered.
Important: Mind that with an isolated mode install of the ALM client that it will not be possible to use integrations with ALM such as QTP, UFT, Word and Excel add-ins, etc. Only browser access through Internet Explorer or ALM Explorer is possible.
Note A: Restricting the client(s) from installing software is recommended to prevent inadvertant registration of the ALM Client where OTA access could then be gained.
Note B: In cases where registering the ALM client is requied, providing OTA access, measures should be taken to educate and track these users on correct implementation and use of the API.