LDAP as datasource

Another weird question.
Is it possible to use LDAP as one of the datasources?

Hi MAnish,
For Dual stack its NOT possible to change UME datasource from ABAP.
Regards
Deb

Similar Messages

  • LDAP as datasource for SAP EP7.0

    Hi All,
    I want to configure the LDAP as the datasource for the SAP EP 7.0(have both j2ee + abap stack).
    I followed many of the documents like: Note 777640 - Using an LDAP Directory as UME Data Source and SAP library.
    But when I want to change the datasource for the UME,
    System configuration> system administration>UMconfiguration--> datasource tab
    There I can be able to see only the abap datasource. But when i followd the same for EP6.0(only j2ee),
    there are many data sources like database only, AD etc.
    So how can I proceed for the SAP EP 7.0 configuration with LDAP.
    Any help will be appreacited.
    HAPPY NEW YEAR TO ALL.
    Regards
    Manisha

    Hi MAnish,
    For Dual stack its NOT possible to change UME datasource from ABAP.
    Regards
    Deb

  • How to do LDAP/OID as datasource in OBIEE

    We have a requirement to read data from LDAP in the repository and expose the imported structure to business model and inturn in presentation area. So that we can create simple OBIEE report using the LDAP data.
    1. How to add LDAP as datasource/database ?
    2. How to define the driver's for LDAP ?
    3. Is that possible to have thrid party datasource definition, how to get it listed in the "Database" ?
    Thanks
    Ayaps

    If you are using Oracle then you can use PL/SQL to read LDAP. See the following post which shows a way to do it:
    http://oraclebizint.wordpress.com/2007/10/12/oracle-bi-ee-101332-and-oid-user-and-group-phase-2/

  • LDAP Configuraton: Is it possible to block 2500 users??

    Hello experts,
    we are running an EP with about 2500 users. The database for all users is the Protal´s DB sofar.
    However we would like to use the company´s AD for retreiving user data.
    Now, the users in the portal database have more o less the same LogonID as they have in the AD.
    In the LDAP Configuraton one can block special users like Administrator or Guest. These users are always retrieved from the Portal´s DB and never from the AD. Makes sense.
    However in our case, would it be possible to block all 2500 users who are already in the Portals DB and all new users who get integrated to the portal come from the AD?
    I can imagine this is an big issue for the UME. To go through all 2500 LogonIDs every time a user wants to log in.
    Thanks in advance.
    Thomas

    Hello Virender Sharma,
    the point is, we are already running a productive system with more than 2500 users stored in portal´s database.
    We didn´t connect so far to LDAP.
    We didn´t connect to LDAP during portal installation years ago.
    Now, we know that it has been a huge error that we didn´t connect to LDAP at the very beginning.
    The used UserIDs in portal´s database are identical with the ones used in LDAP.
    Now we would like to switch to LDAP as datasource. However we do not want to delete all users in portal´s database because of inconsistency with the current portal system.
    The idea is to block all user data from all 2500 portal users from being retrieved from LDAP.
    Only data from new users should be retrieved from LDAP.
    I hope now the issue is clear.
    Can a productive system work well with the configuration of 2500 users being blocked in the UME?
    Thanks in advance.
    Thomas

  • LDAP configuration for HR Portal in dual stack EHP4 - Best Practice

    Hi Experts,
               Hello Experts,
    We are trying to use the JAVA Stack of ECC server for HR Portal i.e Dual Stack and have applied EHP4 package for ESS/MSS Appraisal. When we are trying to configure the LDAP ADS datasource through portal , we are not able to do it since ABAP datasorce file is available by default.This we are doing for HR(ESS/MSS) Portal.This is for access to the object data stored in the Active Directory.
    We have already checked note 718383.
    Also, for the scenatrio ,LDAP <-> ABAP <-> J2EE
    We have already checked sap help doc.here:
    http://help.sap.com/erp2005_ehp_04/helpdata/EN/e6/0bfa3823e5d841e10000000a11402f/frameset.htm
    What should now be the best practice to follow for configuration ? Should we go for separate Portal server or is it possible to use Java Stack of ECC server for configuration ?
    Also, LDAP <-> ABAP <-> J2EE scenario please suggest if it a best practice and we can follow the same .What are the limitations , risks and issues ? Please suggest if this has been implemented and running well in any live project .
    Are the suggestions applicable for load balanced production servers as well?
    Thanks,
    Rakesh

    Hi,
    the UME datasource must remain ABAP but you can sync the users between ABAP and LDAP using the LDAP connector:
    http://help.sap.com/saphelp_nw70ehp2/helpdata/en/48/74040175bb501ae10000000a42189b/frameset.htm
    Regards,
    Jozsef

  • MS Active Directory 2008 as UME datasource for AS Java

    Hello,
    We are running SAP EP on top of a SAP AS Java using LDAP certification, so users
    from MS Active Directory 2003 domain are trusted by the Portal
    I've now a problem with the version upgrade of MS Active Directory from 2003 to 2008,
    it seems only SAP AS ABAP supports MS AD 2008, and our instance is JAVA only
    Note 983808 - "Certified LDAP servers" also confirm this
    Do you know if AD 2008 is supported, if any note has been released about this and
    any document to help me wiith this issue?
    thanks in advance!
    Rafael

    Hi Patrick, thanks for the answer
    I checked the note and it refers about Windows 2008 and a scenario with SSO, that's not our case.
    We just have AD as a LDAP UME datasource, users must still pass user and password which
    is then checked and then login is authorized
    you mentioned AD 2008 is supported for Netweaver AS Java, could you send me any document
    or note with procedures or anything for configuring it ?
    kind regards,
    Rafael

  • R/3 User database Migration to LDAP

    Dear all,
    I would like to ask for your suggestion about migration from using user database in R/3 to using LDAP as users data source.
    Currently we are using SAP R/3 as user data source since infrastructure in LDAP side will be deployed to the large user groups which includes just small group using SAP and the LDAP live date will be later than portal Live date.
    In next few years, we plan to use LDAP as datasource for portal to consolidate and use the
    same source of users.
    I would like to ask for your advice that in which specific areas that we would have to be
    careful to handle it.
    So far, I can determine only:-
    - User Naming Convention.
    - Prepare LDAP in QA and DEV environment to also support testing.
    If anyone has experience with such scenarios, kindly advise.
    Thank you

    Hi
    Hi,
    SSO
    <a href="http://help.sap.com/saphelp_nw04/helpdata/en/89/6eb8deaf2f11d5993700508b6b8b11/frameset.htm">SSO</a>
    <a href="http://help.sap.com/saphelp_nw04/helpdata/en/89/6eb8deaf2f11d5993700508b6b8b11/frameset.htm">SSO To SAP system</a>
    <a href="http://help.sap.com/saphelp_nw04/helpdata/en/89/6eb8deaf2f11d5993700508b6b8b11/frameset.htm">Single Sign-On with SAP Logon Tickets</a><a href="http://help.sap.com/saphelp_nw04/helpdata/en/89/6eb8deaf2f11d5993700508b6b8b11/frameset.htm">Single Sign-On with User ID and Password</a>
    Connectiing to LDAP
    http://help.sap.com/saphelp_nw04s/helpdata/en/12/7678123c96814bada2c8632d825443/frameset.htm
    Anonymous
    http://help.sap.com/saphelp_nw04s/helpdata/en/cd/1aad4abcb98c4597f9e395a6b62f43/frameset.htm
    Federated Portal.
    I have never worked so cant tel much about that.
    In the above three if you have nay problem you can reach , i guess u have my mail id also.
    Thanx
    Pankaj

  • UME-LDAP Configuration

    We want to use LDAP as the datasource for our portal.Can anyone provide me with the step by step guide to do the ume configurations for the same.Also what would be the steps if I use R/3 as my datasource?

    Hello Anzar,
    There is lot of information on SDN and SAP help. Have a look at the following links. They might help you.
    http://help.sap.com/saphelp_nw70/helpdata/en/12/7678123c96814bada2c8632d825443/content.htm
    http://help.sap.com/saphelp_nw70/helpdata/en/48/d1d13f7fb44c21e10000000a1550b0/frameset.htm
    http://help.sap.com/saphelp_nw04s/helpdata/en/81/0e0f61b566dc44bbb4055b3ccd25be/frameset.htm
    LDAP as datasource for SAP EP7.0
    I hope the above links will help you. All the best.
    Regards,
    Gopal.
    Edited by: Gopal on Apr 27, 2010 11:26 AM

  • Regarding LDAP

    hi guys,
    need clarification on LDAP. I know LDAP is Light weight Directory access protocol.
    but no idea how its used for EP and Java.
    Please correct my understanding if its wrong.
    LDAP is protocol and this protocol accesses LDAP directories(need Software to be installed like Active directory, openLDAP etc).
    Now In EP, what do you mean by changing UME to LDAP as datasource. I know UME is Repository for Java Users. But Changing datasource to LDAP means adding LDAP directory(like ADS) and add Java Users to it?
    I am confused with LDAP, LDAP Directory, LDAP Datasource and LDAP(users,Groups) . How it can be really accessed and confirm it?
    regards
    Jaichan

    Java supports the access to an active directory over LDAP to store its users. Basically all you have to do is specify the ldap server and its port and you need a user with at least read permissions on the ldap server.
    I further suggest you check out the official SAP documentation: [UME -  LDAP Directory as Data Source|http://help.sap.com/erp2005_ehp_04/helpdata/DE/48/d1d13f7fb44c21e10000000a1550b0/frameset.htm]
    Best regards, Michael

  • LDAP querying using iReport

    Hi
    Does anybody know if it is possible to make LDAP queries using iReport
    or if there is any LDAP Connection (datasource type) available that I
    could reuse?
    I am running iReport 3.0 and there are lots of datasource types but
    none of them is LDAP.
    I know, I believe that it is not a SLM/Sentinel report question but
    iReport in general but if someone has already done that before, please
    let me know. If someone also could get iReport to call an external Java
    code, it would be sufficient as well. I have not find an way to call
    external Java code as well.
    Regards
    HH
    hugohigashi
    hugohigashi's Profile: http://forums.novell.com/member.php?userid=89996
    View this thread: http://forums.novell.com/showthread.php?t=446788

    hugohigashi;10460 Wrote:
    > Yes, you are right. But is it possible to upload that custom datasource
    > driver on SLM and/or Sentinel report environment?
    >
    >
    > --
    > hugohigashi
    > ------------------------------------------------------------------------
    > hugohigashi's Profile: http://forums.novell.com/member.php?userid=89996
    > View this thread: http://forums.novell.com/showthread.php?t=446788
    This can likely be accomplished by publishing a LDAP connection library
    jar and writing some custom code to access LDAP. You'd have to have a
    system that was okay with running anonymous LDAP queries, or providing
    passwords in clear-text via a report parameter.
    So technically possible, but as David said - you're probably best off
    syncing this information into identities or if this is MSSQL, sync the
    data you want out into a SQL table, and use the built-in AD integration
    to join usernames.
    brandon.langley
    brandon.langley's Profile: https://forums.netiq.com/member.php?userid=350
    View this thread: https://forums.netiq.com/showthread.php?t=2441

  • Javax.ejb Error

    Hi all,
    I am m using this code in my portal application:import javax.ejb.CreateException; trying to  connect to a DataSource, but my NWDS keeps showing the red mark near the code: Javax.ejb cannot be resolved. I added j2ee.jar to my config and to classpath my NWDS but nothing seems to work.
    I am using NWDS 7.0.10.
    Points will be awarded.
    Thanx
    Sara

    HI Sara,
    I could see some problem at the line where we are triming it may vary from the Datasource , dunno how it will behave in case of LDAP as datasource.The above code will deft work but can be problem as in my scenraio u i removed the first 27 character and then it gave me the user id .
    till then you can try not sure
    IUserContext iuc = request.getUser();
    String logonUserid = iuc.getLogonUid();
    String eMail = iuc.getEmail();
    String logonName = iuc.getDisplayName();
    Also for this you have to create a Portal request object. Please add this code also for getting the request object.
    IPortalComponentRequest request =(IPortalComponentRequest) this.getRequest();
    In case i get some special method will let know.
    Thanx
    Pankaj

  • EP starting failed after switching UM datasource to LDAP

    I would like to use Windows 2003 AD as user storage of EP. For this purpose, I completed the necessary configuration steps according to online help but still not able to connect EP to LDAP.
    Test button show me that parameters entered in the LDAP configuration tab is correct. But once I change the UM datasource to dataSourceConfiguration_ADS_readonly_db.xml and restart the J2EE server. The application server won't start up successfully. It indicated problems with a yellow flag on the server node. Clicking the processes will display that some processes is running. Trace file outlines problem as below:
    Jul 15, 2006 11:22:50...        com.sap.security.core.persistence [SAPEngine_System_Thread[impl:5]_62] Fatal: No connection to the ldap server, recheck configuration or availability of directory server
    Jul 15, 2006 11:22:50...        com.sap.security.core.persistence [SAPEngine_System_Thread[impl:5]_62] Fatal: Server not available,recheck configuration or availability of directory server
    Jul 15, 2006 11:22:50...        com.sap.security.core.persistence [SAPEngine_System_Thread[impl:5]_62] Fatal: Initialisation of a connection pool failed for UACC please check the configuration or availability of the directory server
    Jul 15, 2006 11:22:50...        com.sap.security.core.persistence [SAPEngine_System_Thread[impl:5]_62] Fatal: Please recheck the LDAP configuration Initialisation of connection pool failed for UACC
         poolname shaw2k99:389_UACC
         java.naming.provider.url= ldap://shaw2k99:389/CN%3DUsers%2CDC%3Ddimension%2CDC%3Dcom%2CDC%3Dcn
         java.naming.factory.initial= com.sun.jndi.ldap.LdapCtxFactory
         java.naming.ldap.version= 3
         connection_pool_name= shaw2k99:389_UACC
         java.naming.security.authentication= simple
         [EXCEPTION: no connection to the ldap server:[LDAP: error code 1 - 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece ]]
    Jul 15, 2006 11:22:50...        com.sap.security.core.persistence [SAPEngine_System_Thread[impl:5]_62] Fatal: DataSource CORP_LDAP:Initialisation of connection manager failed because: Initialisation of connection pool failed for UACC
         poolname shaw2k99:389_UACC
         java.naming.provider.url= ldap://shaw2k99:389/CN%3DUsers%2CDC%3Ddimension%2CDC%3Dcom%2CDC%3Dcn
         java.naming.factory.initial= com.sun.jndi.ldap.LdapCtxFactory
         java.naming.ldap.version= 3
         connection_pool_name= shaw2k99:389_UACC
         java.naming.security.authentication= simple
         [EXCEPTION: no connection to the ldap server:[LDAP: error code 1 - 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece ]]
    Jul 15, 2006 11:22:50...        com.sap.security.core.persistence [SAPEngine_System_Thread[impl:5]_62] Fatal: Initialization of UME persistence adapter "CORP_LDAP" failed.
      service com.sap.security.core.ume.service ================= ERROR =================
    Core service com.sap.security.core.ume.service failed. J2EE Engine cannot be started.
    com.sap.engine.frame.ServiceException: Initialisation of connection pool failed for UACC
    Does anyone have clue on this? Thanks!
    My EP version: EP 7.0 SP4
    AD version: 2003

    Hello,
    I don’t think, that the problem is directly related with the usage of SSL. We don’t use SSL and we have the same problem mentioned in the first post of this topic in our portal. We are using EP7 SP8.
    The connection tests in the config-tool and in the UME-configuration of the EP indicates us, that the connection to the LDAP-Server is working correct.  But when we are restarting the portal, then the following exception appears and the server stops to start:
    com.sap.security.core.persistence.datasource.PersistenceException: Initialisation of connection pool failed for UACC
            poolname <ip-address>:389_UACC
            java.naming.provider.url= ldap:// <ip-address>:389/…
            java.naming.factory.initial= com.sun.jndi.ldap.LdapCtxFactory
            java.naming.ldap.version= 3
            com.sun.jndi.ldap.connect.timeout= 25000
            connection_pool_name= <ip-address>:389_UACC
            java.naming.security.authentication= simple
            [EXCEPTION: No connection to the ldap server: [LDAP: error code 1 - 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece]]
            at com.sap.security.core.persistence.datasource.imp.LDAPConnectionManager.initConnectionPools(LDAPConnectionManager.java:777)
            at com.sap.security.core.persistence.datasource.imp.LDAPConnectionManager.initialize(LDAPConnectionManager.java:83)
            at com.sap.security.core.persistence.datasource.imp.LDAPPersistence.init(LDAPPersistence.java:453)
    Has anyone a hint how to solve our problem?
    Regards,
    Udo

  • UME with ABAP AS and LDAP Datasource

    Hello SDN´s
    We have tried very hard for the last days configuring the ume-xml for the following scenario:
    -     LDAP is used to authenticate the user
    -     AS ABAP is used to store the roles of the user (because they automatically becomes groups in the portal)
    - the portal and the ABAP-system are  on different servers
    Given facts:
    1)     we canu2019t synchronize the roles of the ABAP system to the LDAP
    2)     we have to use the open-LDAP for the authentication
    3)     DataSources are readonly
    4)     User can have similar or different userid´s on the DataSources (Mapping required)
    Therefore, we read the user and account information from the LDAP and groups/roles form the ABAP AS.
    Result:
    a)     user with similar userid on LDAP and ABAP AS: These user were no longer able to log on to the portal
    b)     user with different id´s (mapped) on LDAP and ABAP: Can log on
    Questions:
    -     Is it true that similar userid´s leads to inherent problems of the UME Persistence Manager?
    -     Did we set up a wrong config-xml?
    -     Is there any other way how we could authenticate to the LDAP and having the Roles of a user read from the ABAP system dynamically?
    Thank you very much for your help
    Sincerely, A. Hunziker

    Hi Andre,
    Not sure if my remarks below can help you but I do hope that it can shine you some light.
    We have LDAP as our main UME, which is configured in our Portal7.0. This means that security groups created in LDAP are "replicated" into the Portal. We created Portal Roles which are assigned to the security groups created in LDAP. We also use SSO and it was setup via the SPNego Wizard (http://help.sap.com/saphelp_nw70/helpdata/EN/45/40a0de773a7527e10000000a114a6b/frameset.htm). This way, the user only needs to login via Windows and access the Portal without having to login (when users have the same Windows userID as that of their SAP ID). If the users have a different userID between Windows and SAP, then they do a user map under personalization of the Portal.
    To connect our Portal to our backend systems, we created a reference system (http://help.sap.com/saphelp_nw70/helpdata/EN/89/6eb8deaf2f11d5993700508b6b8b11/frameset.htm) and we have our Portal certificates in all backend systems (http://help.sap.com/saphelp_nw70/helpdata/EN/d3/41c8efb31d11d5993800508b6b8b11/frameset.htm).
    With the above, users have SSO from Windows to Portal and via the reference system, they can enjoy SSO as well into our backend systems.
    Basically we have control what the users can see from the Portal (directly from LDAP security groups with users assigned to that) and what the user can do on backend is still maintain in the backend authorisation setup.
    Hope that can help you.
    Ray

  • Configuring Multiple LDAP Datasources in VDS

    Hi,
    I'm trying to configure multiple LDAP Datasources using VDS, one talking to AD and other to Novell eDir from VDS, my LDAP connection strings works well but when I start the service in VDS the service will never startup all I see is Exception null, it does not throw any exception at the same time it doesn't start up the service. I've tried configuring with signle Datasource which works fine. This is failing  when I combine those two datasources into one configuration. Have any configured multiple datasources with in VDS. Not sure if you have encountered any problems.
    Thanks,
    Joe.P

    Are you just trying to bring in two LDAP data sources or do a join between them? 
    Actually both I believe are considered types of joins.
    You cannot just define two datasources and expect them to show up.

  • Self Registration for UME using LDAP as the datasource

    Hi,
    Am I able to config the self registration when my UME is mapped to LDAP datasource? If yes, how am I going to do this as I'm not able to find the ume.logon.selfreg=TRUE.
    Thanks!

    Hi,
    Isn't this option there in /useradmin ? Go to http://hostname:port/useradmin and click on Configuration. Go to the tab User Admin UI and there select the option for enabling self-registration.
    Also, should be available in configtool under the core ume service.
    Regards,
    Shitij

Maybe you are looking for