Generic LDAP Connector used against AD

Similar Messages

• Generic LDAP Connector

  Hi,
  do we have in OIM such as a Generic LDAP connector to connect
  LDAPs like OpenLdap?
  Thanks.

  The traditional solution to your problem is to take the "Sun Java System Directory" connector and customize it. All the LDAP based connectors are based on JNDI so they will work fine with any LDAP v3 server.
  I seem to remember that there was some talk of LDAP support in the generic technology connector framework but it doesn't look like the support is there in 9.1.
  Best regards
  /M

• Anyone have SAP GRC CUP LDAP connector using port 636 SSL working?

  Hello,
  I wanted to verify if anybody connects to an eDirectory (or any other) LDAP in CUP using SSL port 636?
  Statement I received from SAP is that this is not supported in CUP, and only non SSL connections to LDAP work. I just have trouble to believe this as SSL would be best practice in any company.

  Pados,
    By using STUNNEL, CUP will not know about SSL. CUP will always think it is a regular connection but stunnel will send SSL connection to LDAP. Here is the link:
  http://www.stunnel.org/
  Regards,
  Alpesh

• Question about 'Generic Database Connector'

  Hi SAP IdM Gurus,
  I found 'Generic Database Connector' in the list of SAP NW IdM connectors overview.
  I'd like to check the capability of this connector in detail. 
  I'm wondering whether it could provide not only  a connectivity of RDBMS, but also custom-developed application using the RDBSM for their ID/Password repository. If it provides only a connectivity of RDBMS, Is there a connector for the custom-developed application using the RDBSM for their ID/Password repository?
  My question is that which connector is used for the connectivity  of custom-developed application using the RDBSM for their ID/Password repository.
  I would really appreciate it if you could answer the question.
  Thanks
  Kenneth

  Kenneth,
  The Generic Database connector uses a JDBC connection and allows for the and writing to databases.
  That being said, you can also use this connection to set up access to the system or drop access using SQL commands and set them up per the framework.
  What specific Database are you working with?
  Matt

• How to develop connector using identity connector framework in OIM 11g

  How to develop Ldap connector using identity connector framework in OIM 11g. A sample would be helpful (specifically LDAP). In some thread it is written to download org.identityconnectors.ldap-1.0.5119.jar file but none of the existing links works. Please let me know if anyone has this jar file.

  Thanks. I started developing connector using the ICF. When I depoyed my connector and tried to invoke it from a stand-alone client I encounterd the following error :
  Exception in thread "main" java.lang.NullPointerException
       at org.identityconnectors.framework.impl.api.local.ConnectorBundleManifestParser.getAttributes(ConnectorBundleManifestParser.java:55)
       at org.identityconnectors.framework.impl.api.local.ConnectorBundleManifestParser.<init>(ConnectorBundleManifestParser.java:50)
       at org.identityconnectors.framework.impl.api.local.LocalConnectorInfoManagerImpl.processURL(LocalConnectorInfoManagerImpl.java:193)
       at org.identityconnectors.framework.impl.api.local.LocalConnectorInfoManagerImpl.expandBundles(LocalConnectorInfoManagerImpl.java:91)
       at org.identityconnectors.framework.impl.api.local.LocalConnectorInfoManagerImpl.<init>(LocalConnectorInfoManagerImpl.java:72)
       at org.identityconnectors.framework.impl.api.ConnectorInfoManagerFactoryImpl.getLocalManager(ConnectorInfoManagerFactoryImpl.java:81)
       at org.identityconnectors.framework.impl.api.ConnectorInfoManagerFactoryImpl.getLocalManager(ConnectorInfoManagerFactoryImpl.java:66)
       at org.identityconnectors.ent.Main.main(Main.java:35)
  Any input on the same would be helpful.

• How do I use Generic LDAP Authentication in JDeveloper?

  I have an existing JSP/Java Servlet application that uses a generic LDAP server for user authentication. Each JSP page checks the user name against a database entry for authorization to that page (it’s a legacy app).
  The following web.xml fragment describes the
  security/login configuration:
  <security-constraint>
  <display-name>I Security Constraint</display-name>
  <web-resource-collection>
  <web-resource-name>ALL</web-resource-name>
  <url-pattern>/*</url-pattern>
  <http-method>GET</http-method>
  <http-method>POST</http-method>
  </web-resource-collection>
  <auth-constraint>
  <description>I</description>
  <role-name>*</role-name>
  </auth-constraint>
  <user-data-constraint>
  <transport-guarantee>NONE</transport-guarantee>
  </user-data-constraint>
  </security-constraint>
  <login-config>
  <auth-method>BASIC</auth-method>
  <realm-name>I Enterprise Server</realm-name>
  </login-config>
  I want to use JDeveloper and the built-in OC4J environment for development/debugging. I have tried configuring jazn.xml to use a LDAP provider (both in **\j2ee\home\config\ and **\jdev\system9.0.3.1035\oc4j-config\)
  1) How do I configure the internal OC4J environment to use the generic LDAP service?
  2) Does the JAZN LDAP only work with Oracle OID?
  3) Is there a document or list-of-documents that consolidates the JDeveloper OC4J server administration functions? The existing OC4J administrative documentation is splattered about various web documents.
  Thanks
  Jake

  Todd,
  This how-to may help answer some of your questions
  http://otn.oracle.com/tech/java/oc4j/htdocs/how-to-jazn.html
  If you have additional questions on configuring jazn.xml for LDAP and OiD, I think your best bet is post to 9iAS J2EE forum.
  Thanks,
  Yvonne

• How to save HR data in Active Directory using ABAP i.e thru LDAP Connector

  Hi All,
         Can any one please help me out how
         to save HR data in Active directory
         using LDAP Connector ?             
         Please help ASAP as it is very urgent .
  Thanks
  Jitendra

  There are 100 of such scripts are there online.
  here are few tips and codes. you will get more.  
  https://gallery.technet.microsoft.com/scriptcenter/Feeding-data-to-Active-0227d15c
  http://blogs.technet.com/b/heyscriptingguy/archive/2012/10/31/use-powershell-to-modify-existing-user-accounts-in-active-directory.aspx
  http://powershell.org/wp/forums/topic/ad-import-csv-update-attributes-script/
  Please mark this as answer if it helps

• Update email on IT0105 from Active Directory using LDAP connector

  Hi,
  I see lots of  threads in this area, but none on this particular requirement.
  The requirement is simply to retrieve email addresses from AD by feeding the employee number into the LDAP connector. The email address returned would then be used to update the email field on IT0105.  (Our AD is set up with employee number as key)
  Does anyone know if there are any standard reports or functionality around to allow the customer to do this? I would prefer to rule this option completely out before looking at writing an abap to do the job.
  Regards
  Phil

  hi
  check if the below link of any use to you
  http://help.sap.com/saphelp_nw04s/helpdata/en/eb/0bfa3823e5d841e10000000a11402f/frameset.htm
  regards
  sameer

• LDAP Connector - no use of ldap_rfc.cfg ?

  Hello.
  we're using LDAP Connector 2.8.8.
  We had created the "ldap_rfc.cfg" in the D:\usr\sap\JSM\DVEBMGS00\work Directory.
  In the file we had defined the value :
  pagesize=200
  But when we're starting the connector it ignores all settings in the configuration file.
  Are we doing something wrong or did we miss a thing ?
  Thanks in advance,
  Sebastian

  Does the "test connection" in SM59 still work?
  If yes, then the problem is in one of the LDAP connector functions.
  If no, then it is most likely a SAP function (or a copy of one...).
  Does ST11 or ST22 give you any more usefull information in a dump (e.g. which function is being called in the program)?
  Also try a gateway trace (transaction SMGW -> Expert Functions) Choose the GW trace in the security menu - NOT the "Trace Level Up / Down" functions, as this is the developer trace!
  LDAP032 looks to me like an "other error" returned from the external program not registering at the gateway... so you will only find the reason in that program's documentation and not within the ABAP application.
  The function list shows the following:
  LDAPRFC_LASTERR
     documentation not availabale
  LDAPRFC_DELETE
     documentation not availabale
  LDAPRFC_ADD
     documentation not availabale
  LDAPRFC_MODIFY
     documentation not availabale
  LDAPRFC_RENAME
     documentation not availabale
  LDAPRFC_COMPARE
     documentation not availabale
  LDAPRFC_SEARCH
     documentation not availabale
  LDAPRFC_OPTIONS
     documentation not availabale
  LDAPRFC_UNBIND
     documentation not availabale
  LDAPRFC_BIND
     documentation not availabale
  So if you cannot find a SAP Note or infos in the config guide, then I guess your only option is to open an customer message via https://service.sap.com
  (Tip: first check the config guide to make sure your config file is infact correct)
  Cheers,
  Julius
  Edited by: Julius Bussche on Jan 4, 2010 7:38 PM

• Ldap connector configuration

  Hello ,
  i have configured ldap connector in our ecc6 system.
  the ldap connector is configured against microsft AD - everything is working fine but i have a question
  in the ldap transaction , in the ldap servers button i have the option to configure a few server names.
  is it possible to configure 2 or more AD servers so that whenever one AD is down the system automatically connects to the second AD server
  i saw that there is a default selection option in the server names line - for what does it use?
  can i choose 2 systems to be default?
  please advise
  Regards,
  Moshe

  If theres 2 ldap server names for a single application and one of them is down it should try the other one as far as I can see.
  About the default option,  if you read the F1 doc it reads,
  This is used, if no server name is explicitly specified in the application (for example, user master synchronization using RSLDAPSYNC_USER). There can only be one default server for each LDAP application.
  So is used at application level
  Regards
  Juan
  PS: having said that, I cant see an option to automatically change the defaults in case of a problem
  Edited by: Juan Reyes on Nov 24, 2010 10:57 AM

• Error in LDAP Connector

  hi,
  Our idm use HCM,  so I try to use LDAP retrieved HR data. The JCo of Our idm and the ABAP RFC typed T run smoothy. When I start LDAP connector, it tells "Error starting LDAP Connector at operating system level".  In ST11, it reads follow:
     ======> JCO.Server could not find server function 'LDAPRFC_LOAD'
    ABAP Programm: SAPLSLDAP_CCMS (Transaction: LDAP)
    Called function module: LDAPRFC_LOAD
  I can't find the funtion LDAPRFC_LOAD.
  Is there any one can tell me a good method to solve it? Thanks very much!
  lily

  Forget to install LDAP Client at HCM OS

• Regarding Generic Technology Connector OIM

  Hi,
  With what type of resources can we use a generic technology connector (GTC) for recon and provisioning ?
  Can it be used for recon/provisioning with common resources like AD, ACF2 or simply with resources like flat file, ODS ?
  Kindly reply.
  Kind Regards,
  Varun

  For AD, ACF2 etc quite sophisticated OOTB connectors are already available. GTC is only for Flat File etc.
  GTC is a buggy technology and not recommended to be used.
  Oracle® Identity Manager Administrative and User Console Guide
  Release 9.1.0
  *26 Known Issues of Generic Technology Connectors*
  http://docs.oracle.com/cd/E10391_01/doc.910/e10360/issues.htm

• NDS error: duplicate value (-614) on Generic LDAP Export to NetIQ eDirectory

  Dear community,
  using the Generic LDAP Agent, the latest eDirectory (8.8.SP8 (20806.01) and FIM Version (4.1.3627.0)) I encounter the following problem in very special situations (namely when the value in eDirectory only differs from the FIM value by different upper/lower
  case letters:
  NDS error: duplicate value (-614)
  DirectoryOperationException: (0) 0 Server Message: The attribute exists or the value has been assigned.

  I don't see that as a Problem, when it is in fact doing string comparison.  You may need to write an advanced flow rule to simply say something like this
  CSHARP Snippet.  (if not equal, case does not matter)
  if !(csentry["co"].ToUpper().Equals(mventry["co"].ToUpper()))
   csentry["co"].Value =mventry["co"].Value ;
  Nosh Mernacaj, Identity Management Specialist

• Has anyone succcessfuly implemented oid = iplanet ldap integration using ODM

  I am trying to configure the execution and mapping tab in ODM but don't know what 'agent execution command' is. Also do I need to have admin type of account on the remote ldap to import into OID?

  I am trying to do the same thing.
  The agent execution command should be empty as per the documentation refer to C.34 OID Admin guide R 9.2.
  As for the user this is what the Documentation says
  "Connected Directory Account -
  (orclodipConDirAccessAccount)
  Valid user account on iPlanet Directory Server that the iPlanet Connector uses to access iPlanet Directory Server. If the changes are to be imported from iPlanet Directory Server to Oracle Internet Directory, then this user account should have read privilege in the iPlanet change log container. If the changes in Oracle Internet Directory are to be exported to iPlanet
  Directory Server, then the user must have add/modify privileges to the synchronization domain.
  Note: Create a user account in iPlanet exclusively for the iPlanet connector for synchronizing. "
  Let me know if u r successfull. Hope this helps.
  Vinodh R.

• LDAP connector/interface for business partner

  Hi Experts ,
  Our requirement is we have certain applications which are integrated
  with SAP Portal.
  For these applications Data sources are maintained in two different
  LDAPS.
  One LDAP (enterprise directory) is for USER data and the other LDAP for
  Company data(in this senario company data is nothing but business
  partner role oragnization).
  So here the question is, Can we use SAP standard LDAP connectors to
  make connectivity to the enterprise directory(LDAP)and push business
  partners data from CRM to the enterprise directory.
  In Standard SAP CRM system which are standard LDAP connectors support
  this functionality?
  Please advice me and also let me know if we have any SAP notes for this
  senario.
  Best Regards
  Prasad

  Curtis,
  The short answer is that the SAP Business One integration Technology was not built to do what you are asking.  The technology is to be able to move data, and all the ETL that goes with it, between systems such as the Integration Technologies out-of-the-box business scenarios for the integration of data between an R/3 system (headquarters) and it subsidiary(s) using SAP Business One.  The SAP Business One Integration Technology is used to visually create model driven integrations between systems without using code as you do with the DI Server and/or SDK.  You do not have the ability with this tool to build web interfaces as you are asking.  You would use the DI Server for the purpose that you have outlined.  There is a whitepaper that explains in detail the SAP Business One Integration Technology here on SDN at; https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/52b12740-0901-0010-4097-b85d1f5aee2a.
  Hope that helps,
  Eddy