How can I configure ECC6.0 to use LDAP (Active Directory) password

We're setting up an integrated authentication between the ECC 6.0 and the LDAP server, in our case the Microsoft Active Directory. We have some users that can't use WebGui because some features, that only run in the SapGui. We have already configured UME in the Sap Portal accessing directly the ADS server, and Sap Logon Ticket from Portal to ECC. Everything is ok to access the WebGui and SapGui by the Portal with the Sap Logon Ticket. However it demands that all users make the authentication previously in the Sap Portal. Is there another scenario only with SAP tools, for example using Sap Logon directly to the Active Directory. Obs.: Our entire sap servers are UNIX.

I had already read all these notes.
In the last week, I tried to configure the UME in our PI/XI environment to access the LDAP. As the result, the ABAP stack was perform the authentication perfectly above the LDAP. However I had some problems with the Java stack and I comeback the back. I will try it, in the next week again.
It's what I'd like to ECC environment. Anyone has already configured the UME in an ECC? Install a basic Java stack without all Java components only the UME in order to make this integration. If it’s possible I’ll very appreciate any documentation.
Other problem is the limitation of datasource in the UME, I didn't remember exactly but I guess that is only 5 (Authorization in the ECC, BI, SolMan, PI, APO, CRM, LDAP, Portal, etc). If it's possible I'll group the environments in different UME managers. Forget this paragraph lets focus in the integrated authentication in this thread after that authorization.

Similar Messages

  • How can i configure SIP call using uc320 in india

    Hi,
    I have one uc 320w box. now wannt to call my itally office in cost effective way.
    how can use it?
    i heaard about SIP calling. is it avalaible in india? or suggest me the possiblw ways.
    Thanks
    Sujish Sudhakar

    Hi Sudhakaran,
    I think this article about SIP Configuration would help you as a step-by-step process.
    Generic SIP Configuration on UC320W

  • How can I capture delete user event in Active Directory 2008 using Powershell command

    Hi,
    In my Active Directory every user have own home drive in the file server. When I delete user I also need to delete folder from the server. 
    My target is make the process automated, so that when I delete user account form AD, the folder associate with user also delete.
    Can I write any power shell script to grep the delete event  and remove folder from file server.
    Thanks
    Tamim Khan

    You can setup event viewer to provide alerts (email alerts) for event id 630.
    Find an existing Event ID 630 entry, right click on it and "Attach Task To This Event...."
    Follow the wizard.
    ** Event ID Sample **
    Event ID: 630
    Type: Success Audit
    Description: User Account Deleted:
    Target Account Name: %1 Target Domain: %2
    Target Account ID: %3 Caller User Name: %4
    Caller Domain: %5 Caller Logon ID: %6
    Privileges: %7
    - Chris Ream -
    **Remember, if you find a post that is helpful, or is the answer, please mark it appropriately.**

  • How can I authenticate a User In Windows Active Directory?

    I need to authenticate a user in Windows Active Directory, but I found use the code below will return true if the user name and password are both correct and false if one of them is wrong. But when I input a user name which is not exist in Active Driectory with a blank password, it will also return true. What shall I do? Ask every user must input a password withnot blank?
    Please give me some help to solve this problem. Thanks a lot.
    Code:
    private Context ctx = null;
    Hashtable env = new Hashtable ();
    boolean isValid = false;
    try {
    this.setEnvironmentProperties();
    String domainName = AuthenticateResources.getString("mydomain.com");
    //set the name of domain with the user name
    String fullName = name + "@" + domainName;
    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    env.put(Context.PROVIDER_URL,"ldap://mydomain:389");
    env.put(Context.SECURITY_AUTHENTICATION,"simple");
    //set user related information
    env.put(Context.SECURITY_PRINCIPAL, fullName);
    //set user password
    env.put(Context.SECURITY_CREDENTIALS, password);
    //validate user
    ctx = new InitialDirContext(env);
    isValid = true;
    }catch (AuthenticationException ex){
    isValid = false;
    catch (NamingException ex) {
    throw ex;
    }finally{
    this.freeContext();
    return isValid;

    This is usually a problem if Anonymous Binding is enabled. I have faced this in other Directory Servers, but I am not familiar with Active Directory.
    I think by default Active Directory disables Anonymous Binding, but you may want to check.

  • How to read with a script in LDAP Active Directory

    I there anyone have a perl/XML script for free download whitch used to search and read contact in LDAP directory.
    Our company not chose the operation witch consit to point CM on Active Directory ,they prefers to write or find script perl/XML to do that.
    Is it possible??
    thanck you for your help

    I am interested in the script that you created too. I have some LDAP books on the way and will try to learn scripting but I have no experience in it and any little push in the right direction would be much appreciated. We are trying to integrate AD with CCM which we did with CCM 4.0.2 but now the Directories button does not work, which we new it wasn't going to, but they want me to create several menu listings say
    1.
    2.Standard Cisco Missed, Placed and Received Calls
    3.
    4. Corporate that will automatically search the entire AD.
    5. This will search only in OU X
    6. This will search in only OU y
    7.
    8. This will search only in UN to the Nth
    If this is possible I would be in your debt if I could just get a sample to give me a push in the right direction.
    Thanks
    My e-mail address is [email protected]

  • Can I configure WS-Sec authentication via Active Directory with OSB or OWSM

    Hi
    I'm planning a project where I need to add security to a group of proxy services in OSB. I need to authenticate them via WS-Security using Active Directory. Is this possible with OSB or adding OWSM?
    Regards,
    Néstor Boscán

    Hi.
    OSB http://docs.oracle.com/cd/E23943_01/dev.1111/e15866/model.htm#i1088877
    OWSM
    http://docs.oracle.com/cd/E17904_01/doc.1111/e15866/owsm.htm
    and
    http://docs.oracle.com/cd/E21764_01/web.1111/e13713/owsm_appendix.htm
    hope this helps
    best
    rolando

  • How can i configure an odbc using a database from sql to my excel

    Hi, i hope you can help me
    I have an excel sheet in wich i'm working, but i need to import data from a database used SQL, but i need the ODBC connection,... I try to used the administrator ODBC, but it has no driver for me to connect it to the SQL database, ... who knows wich tool can i use?
    best regards,
    Pamela

    As far as I know -you still can't do that with the mail app on a device. You can select each contact by tapping the blue + sign to open the contacts app and you have to add them one at a time.
    These are third party apps that will let you do this - Group Email ... And there are others in the app store.

  • How can i configure autologin with network account?

    right now when i go to user preferences for network account, login window and options are non manageable for network users.
    im using network accounts on all public machines and now after reboot they all require manual logon, how can i configure autologin to use network account

    Did you try authenticating with a local admin account to get into the login options from a network user account? Then you might be able to set auto login for that account. I've set network accounts as admin users on particular machines that way.

  • I'm trying to use a madcatz controller on the mac but it turns on for 2 seconds and turns off. the system profiler picks it up as a xbox 360 gamepad but says its not been configured. how can i allow my self use this with my games.

    i'm trying to use a madcatz controller on the mac but it turns on for 2 seconds and turns off. the system profiler picks it up as a xbox 360 gamepad but says its not been configured. how can i allow my self use this with my games!

    I have exactly the same problem.
    I'm a little peed-off with Microsoft on this. The original wireless controller I have doesn't work either since the cable I'm using is 'just' the charge and play cable, so a direct connection to my Mac won't work with this cable. It's a cable for god's sake. Why on EARTH put any limitations on this!?!?
    Next I learn I need an additional USB wireless receiver from Microsoft to get my original 360 controller to talk to my Mac. As I certainly don't want to fork any more microsoft dollars on this, this is not an option.
    Next I think, yes! I have a MadCatz 360 wired USB controller. This should surely do the trick just plugging it in and the way I go. But oh no, for some reason I plug my MadCatz Xbox360 controller in, it flashes a few times then switches off and can't be turned on again.
    The System Profiles recognizes it as a MadCatz 360 device controller but that is about it, but the ontroller software I download for the System Prefs (360Controller, USBOverdrive etc) don't even recognize the controller as being plugged in.
    What the **** Is The Microsoft Deal with all of this!?!?
    PS: Oh, and I forgot to mention, there are No drivers for device 4716 that I can find on the MadCatz website, or am I going blind?
    If anyone has a link, it would be appreciated.
    Message was edited by: nostrawaggus

  • HT3887 how can i configure my wireless keyword so i can use the Function F keys to control volume etc...? I am using 10.5.8 OS

    how can i configure my wireless keyword so i can use the Function <F> keys to control volume etc...? I am using 10.5.8 OS

    little wireless cameras would not have the ability to send back to the base, even thought the base can reach it.
    Now if you take regular cameras and wire them into a Cisco switch that was attached to a wireless bridge that could shine back to the base...now you might have something, but your still going to have to do a survey/path analysis to determine if it is feasible.
    Coverage isnt throughput. I see one base station with 3 or 4 sectoral antennas depending on direction, pointing two several distribution bridges to bridge the gaps that go out again to the cameras...something like that. And all of it should be higher in the air than your construction.

  • How can I configuration MBean in weblogic server  using the console ?

    How can I configuration MBean in weblogic server using the console ?
    I hear people talking about mbeans in weblogic server I have look in the console I can not find where , or how to do it.
    can some body explain that or a link that explain it, how to do it on the console ?

    Hi,
    Registering Custom MBeans from Admin Console is not yet possible. But yes there are ways to Configure and Utilize Custom MBeans ...
    http://weblogic-wonders.com/weblogic/2010/02/16/registering-and-invoking-custommbeans/
    Thanks
    Jay SenSharma

  • How can I configure ang use JNDI datasource on Tomcat 4.0.x ?

    How can I configure ang use JNDI datasource on Tomcat 4.0.x ?
    Please help me , Thanks !

    Hello ,
    You need to go through the JNDI tutorial which you can access at the sun's site. It will explain all the things you need.
    By the way all you want to use JNDI datasource is JNDI class library and some naming or directory service provider, which also you can download from sun.
    Good Luck.

  • How can i configure DAQ card other then NI using MAX

    Hi,
    I am using Advantech DAQ pci1711, can i configure this card using NI MAX. I am getting problem with its port specification while writing VI's because could get channel port addresses.

    MAX can only configure cards that use the Traditional NI DAQ and DAQmx.  Advantech uses their own drivers.  Does Advantech have a utility for setting up their PCI cards?
    There are only two ways to tell somebody thanks: Kudos and Marked Solutions
    Unofficial Forum Rules and Guidelines

  • How can i config WLS7 and iPlanet LDAP

    How can i config WLS7 and iPlanet LDAP?
    failed during initialization. Exception:java.lang.SecurityException: Authenticat
    ion for user weblogic denied
    java.lang.SecurityException: Authentication for user weblogic denied
    at weblogic.security.service.SecurityServiceManager.doBootAuthorization(
    SecurityServiceManager.java:978)
    at weblogic.security.service.SecurityServiceManager.initialize(SecurityS
    erviceManager.java:1116)
    at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:703)
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:588)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:276)
    at weblogic.Server.main(Server.java:31)
    >

    Yos:
    Series of steps to get WLS working with some external LDAP server follows:
    I. create a new domain /mydomain
    II. start server
    III. open WebLogic console in a browser
    IV. in left frame, go to
    security->realms->myrealm->providers->AuthenticationProviders and click
    V. in right frame, click on “Configure a new iPlanet Authenticator”
    VI. In the new screen, under General, make sure the Control Flag is set to Required,
    select a name for this authenticator, and click Create.
    VII. Select iPlanet LDAP tab and fill in values for Host, Port, Principal where
    these values reflect the settings for your LDAP server. (Note: the default
    principal for an iPlanet LDAP server is uid=admin, ou=Administrators,
    ou=TopologyManagement, o=NetscapeRoot). Click Apply.
    VIII. Click on Credential: Change. At the new screen, enter the credential
    associated with the Principal that you entered in step VII in both boxes. This will
    be the password that is used to do a bind to your LDAP server with the principal.
    Click Apply.
    IX. Select Users tab and make sure these properties accurately reflect the structure
    of your LDAP server. Most of the time the only property that needs to be changed is
    the User Base DN property, from ou=people,o=example.com to
    ou=people,o=myCompany.com. Click Apply.
    X. Select Groups tab and make sure these properties accurately reflect the structure
    of your LDAP server. Most of the time the only property that needs to be changed is
    the Groups Base DN property, from ou=people,o=example.com to
    ou=groups,o=myCompany.com. Click Apply.
    XI. Now, the boot identity of your server absolutely must be a user that exists on
    your LDAP server. You must also have an “Administrators” group on your LDAP server,
    and the boot identity must be a user that exists in this “Administrators” group, or
    the server will not start. So open your LDAP console (this will be a console that
    is specific to the LDAP server you are using) and use the management tools to create
    the “Administrators” group and a user that you place in the “Administrators” group
    that is the boot identity that you use to start WebLogic.
    XII. Make these changes and restart the server.
    XIII. You can verify that the LDAP setup is correct by doing a thread dump. You
    should see a thread like:
    “LDAPConnThread localhost:389" daemon prio=5 tid=0x8d9b308 nid=0x8f8 runnable
    [0x9e2f000..0x9e2fdbc]
    at java.net.SocketInputStream.socketRead(Native Method)
    at java.net.SocketInputStream.read(SocketInputStream.java:86)
    at java.io.BufferedInputStream.fill(BufferedInputStream.java:186)
    at java.io.BufferedInputStream.read(BufferedInputStream.java:204)
    - locked <3281d98> (a java.io.BufferedInputStream)
    at netscape.ldap.ber.stream.BERElement.getElement(BERElement.java:101)
    at netscape.ldap.LDAPConnThread.run(LDAPConnThread.java:420)
    where “localhost:389” is the server name and port of your LDAP
    server. This means that your Authenticator has been set up correctly.
    XIV. Now you can delete your default authenticator. Open the WebLogic console and
    go to security->realms->myrealm->providers->AuthenticationProviders in the left
    frame, and click
    XV. In the right frame, look for DefaultAuthenticator and click on the trash can to
    the far right. Say “Yes” when it asks if you are sure, then click Continue.
    XVI. Restart the WebLogic server. If the server boots correctly, you’re done.
    Everything is working correctly.
    Please note that the "default authenticator" refers to the embedded LDAP server that
    ships with WebLogic.
    Hope this helps.
    Joe Jerry
    Yos wrote:
    How can i config WLS7 and iPlanet LDAP?
    failed during initialization. Exception:java.lang.SecurityException: Authenticat
    ion for user weblogic denied
    java.lang.SecurityException: Authentication for user weblogic denied
    at weblogic.security.service.SecurityServiceManager.doBootAuthorization(
    SecurityServiceManager.java:978)
    at weblogic.security.service.SecurityServiceManager.initialize(SecurityS
    erviceManager.java:1116)
    at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:703)
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:588)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:276)
    at weblogic.Server.main(Server.java:31)
    >

  • How can I configure my new Mac Pro to output the timeline via HDMI

    How can I configure my new Mac Pro to output the timeline in FCP 7 (yes, I have X, but I'm using 7 right now). I have two monitors running from TB2, but want to have the third for a client monitor.
    If I use all three via TB2, it's literally three monitors, and I want to edit on my CineDisplay. I only want the client to see the timeline video on the third monitor. When I hook up HDMI I get no signal, in fact, I can't have the HDMI cable hooked up for TB2 to work with the third.
    Thanks,
    GEvans
    DarthPro
    3.7 QCIntelXeonE5
    12 GB
    AMD FirePro dual D300 2048MB
    OSX 10.9.2

    If you use all ThunderBolt displays, or stick with DisplayPort and Mini DisplayPort (free conversion between the two with only a cheap cable) you can have up to six displays.
    If you attach "legacy" displays with "any-old adapter", you can have up to two, and the built-in HDMI counts as one if you use it.
    Any more requires ACTIVE Adapters.
    The US$100 Apple ACTIVE Mini DisplayPort to Dual-Link DVI adapter works in every case, even displays over 1920 wide.
    StarTech and Accell make US$35 ACTIVE adpters that work for displays up to 1920 wide.

Maybe you are looking for

  • Trying to capture audio from the computer output.

    I'm trying to figure out how to capture the sound output, and either record it as a .wav, .mp3, or garage band track. The end goal(s): 1. Full screen video and audio capture -- for example, capture a window as a video, and any sound effects generated

  • Why can't I add or edit an entry on myiPhone Cal?

    Why Can't I add ,or edit an entry on my iPhone Cal?

  • Mac book Pro 15" vs 17"

    Hi guys I'm new here, would like to get a opinion should i get 15" vs 17" and what about i5 or i7 2.66 or 2.8 ? Thanks !

  • Error during upgradation

    Hi,   During upgradation I got error at SACT_700 with following log Activate lock object "E_BAMMAPNG" 4EEDI751 Base table "BAMMAPFCGR" of the lock object is not active 4 EDI813 Lock object "E_BAMMAPNG" not activated 4 EDI806XActivate lock object "E_B

  • Why is fooducate not in my app store ?

    i went on my app store and i typed in fooducate and it says its not there why ?