MS active Directory Configuration on SAP 4.7 and ECC6.0

Similar Messages

• Using Active-Directory PW at SAP logon procedure

  Hello,
  I have the requirement no to use single sign on for some systems with sensitive data, but  would like to check during sap logon procedure the  from our central active directory password.
  is there any best practice configuration or SAP / AD Win Addon solution available to connect SAP NW abap 7.40 at Win2012 sever with our active directory. Nearly all win based applications can handle a PW check from application to AD. Is there any SAP or Partner implementation helpful to expand the SAP client internal User-PW check?
  Thanks in advanced for alternatives to the standard client SSO or any idea in the direction using active directory password within sap-logon.
  Please give me a short feedback if you need more details.
  regards,
  Bernhard Mair
  Goethe-Institut München

  The SAP NetWeaver ABAP app server only accepts SAP user id and password or it can use SNC to authenticate the user when SAP GUI is used on workstation. So, if you want the user to be prompted to enter their Active Directory credentials during a logon using SAP GUI, and you don't want SSO, then you need to purchase a third party product.
  Please note, that SAP is not JUST a Windows based application, as it can also be installed on Unix and Linux, so SAP have made it work in same way on all platforms without any 'special' windows authentication capabilities.
  Thanks
  Tim

• How to Uninstall SQL instance on active-passive SQL server , which failed during Cluster Setup (Error-Failed at Validate Active Directory Configuration)

  How to Uninstall SQL instance on active-passive SQL server , which failed during Cluster Setup (Error-Failed at Validate Active Directory Configuration)
  active-passive SQL server cluster setup failed due to some steps missed in initial cluster setup,
  now i have unistall sql instance from nodes,
  Your help will higly appriciated.
  Regards,
  Anish
  Asandeen

  Hello,
  Please refer to the following link about remove a node of  SQL Server Failover Cluster Instance:
  http://msdn.microsoft.com/en-us/library/ms191545.aspx#Remove
  Regards,
  Fanny Liu
  Fanny Liu
  TechNet Community Support

• SAP Bunisess Connector 4.8 -Can support SAP 4.6C and ECC6 at the same time

  Hi All,
  I am upgrading Busniess Connector 4.0 to 4.8 .
  I have sap 4.6C systems and ECC6 systems in Landscape.Will Business Connector 4.8 support both (SAP 4.6C and ECC6) simultaneously ?

  Hello gaurav,
  I have tried re-installing.
  I am able to open the web-admin and also all the links except the ones in the adapters section.
  I have checked the installation document, adapter guide for BC 4.8 but i couldnt find anything useful.
  I was just wondering if it has got anything to do with the OS.
  lemme know if you have come across anything like this.
  thanks for the help.
  Sreejith

• Question about Active Directory Configuration

  Hi All,
  Portal Version : EP7.0 SP7
  We want to configure Active directory as a Portal UME store.
  We have 7 Domain controllers in the domain xyz.com. They are spread across locations. I assume, by default domain controller will have global catalog defined.
  So in LDAP configuration, whether we to use Global Catalog (Port: 3268) to connect to ADS or LDAP connection(Port:389)?
  I am not clear, when Global Catalog connection is defined to bind ADS to Portal UME?
  Any suggestion?
  Thanks & Regards,
  Gowri

  Hi Gowri,
  It will work fine if you connect through port 389.
  Can you please explain it in detail that How you have spread your domain controllers / your forest hierarchy?
  Check if this helps.
  Thanks,
  Mittal

• Import Active Directory Data into SAP HR

  We are currently working on updating user data in Active directory from data stored in SAP HR via the LDAP Connector. This is working great! The question is what is required to make this happen the other way around. Ex  Employee email address is stored in AD and we want to update IT105 email address from Active directory.
  Thanks in Advance!
  Tariq Khan

  Hello Tariq,
  I am also trying to find out the way for flowing data from AD to SAP HCM IT0105.
  If you found the solution, it would be a great help if you could pls share the solution.
  Hoping for the favorable response.
  Thanks in advance.
  Best Regards,
  Tauseef

• Ms-Active Directory integration with SAP 4.7 SR2 through LDAP Connector

  Dear Gurus,
  Let me clarify the scenario:
  At our end, we are planning for SSO, we are integrating Microsoft ADS with SAP 4.7 IDES
  Following are the system details:
  SAP: IDES 4.7, on Windows 2000 Advance Server, Oracle 8.1.7.,Kernel-620
  MS-Active Directory: Windows 2003 Enterprise Edition, with Service Pack-1
  With the above mentioned landscape we have integrated
  LDAP-Connector on MS-Active Directory, on MS-Active Directory OS
  side we have tested the command (ldap_rfc –a LDAP_ADS –g
  ides.ho.com –x sapgw00) then we are testing it through an
  RFC in SAP 4.7(IDES), with result success.
  Everything is fine Im able to Log ON thru the User but when I try to search objects in LDAP(ie. ADS) thru "FIND", but getting Error message "operation Failed".
  Referred note 511141 for the error.
  Can't find anything more.
  Required help...
  Regards,
  SHAH

  Dear Juergen,
  As of we have applied the SP-level till 40.
  Through LDAP tcode we are able to Logon to the Directory server, and we
  are also able to search, through FIND,
  the system displays all entries below the specified base entry.
  After that we are trying to Synchronize it, using report RSLDAPSYNC_USER through SE38, but its showing following errors:
  Connection created to Server LDAP_ADS (successfully with Green)
  Operation Failed (Error with Red)
  Error message: LDAPRC001
  LDAP_SEARCH failed (Error with Red)
  Error message: LDAPACCESS101
  The System could not create directory objects pool (Error with Red)
  Error message: LDAPSYNC005
  Connection to LDAP_ADS server terminated
  As for first Error: Error message: LDAPRC001, we referred Note 511141,
  Response: "This error msg does not mean that the SAP System sent incorrect data".
  For Error message: LDAPACCESS101 and Error message: LDAPSYNC005, we refferred 696021 and 695026
  Response: to apply the correction change, as our SP level is above the requirement, we have
  level-40.
  Unable to get further, any solution/suggestion.
  Bye for now.
  Regards,
  Shaibaz

• Windows active directory integeration with sap user mangement

  Hi All
  I have installed  sap as local installation now my client wants to integerate sap user management with windows active directory.we have ECC,BI,PI ,SCM and ep system in our landscape.kindly suggest hoe to do that and what will be the best strategy to do that in a simple scenario.
  Regards
  Pranav

  pranav kumar wrote:
  Hi Kenneth
  >
  > I jst want to integerate the sap with windows active directory.
  >
  >
  > Regards
  > Pranav
  Hi Pranav,
  Check the article, http://www.sdn.sap.com/irj/scn/index?rid=/library/uuid/c00464ce-c974-2e10-f5be-f8f4c6dce31c
  Then, take e a look at SSO solutions at http://ecohub.sap.com/
  You can find many solutions there.
  Best regards,
  Orkun Gedik

• Active Directory Replication Servers (wont replicate SYSVOL and NETLOGON Not showing)

  I have my first DC Server (DC1). DC1.DOMAIN.lOCAL, I decided to add another Domain Controller. Made it a secondary DNS Server and also GC. Everything seems to replicate, but its missing NETLOGON and SYSVOL Wont replicate. 
  Windows 2008 R2

  Errr 5706
  The Netlogon service could not create server share C:\Windows\SYSVOL\sysvol\INFGRP.LOCAL\SCRIPTS.  The following error occurred: 
  The system cannot find the file specified.
  Event 7009
  A timeout was reached (30000 milliseconds) while waiting for the File Replication service to connect.
  Event 1058
  The processing of Group Policy failed. Windows attempted to read the file \\INFGRP.LOCAL\SysVol\INFGRP.LOCAL\Policies\{55DE4000-0D51-44CD-92A1-30F286B2BC86}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until
  this event is resolved. This issue may be transient and could be caused by one or more of the following: 
  a) Name Resolution/Network Connectivity to the current domain controller. 
  b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller). 
  c) The Distributed File System (DFS) client has been disabled.
  All Critical
  This domain controller has migrated to using the DFS Replication service to replicate the SYSVOL share. Use of the File Replication Service for replication of non-SYSVOL content sets has been deprecated and therefore, the service has been stopped. The DFS
  Replication service is recommended for replication of folders, the SYSVOL share on domain controllers and DFS link targets.
  Test replication
  Domain Controller Diagnosis
  Performing initial setup:
     * Verifying that the local machine dc, is a DC. 
     * Connecting to directory service on server dc.
     * Collecting site info.
     * Identifying all servers.
     * Identifying all NC cross-refs.
     * Found 2 DC(s). Testing 1 of them.
     Done gathering initial info.
  Doing initial required tests
     Testing server: Default-First-Site-Name\dc
        Starting test: Connectivity
           * Active Directory LDAP Services Check
           * Active Directory RPC Services Check
           ......................... dc passed test Connectivity
  Doing primary tests
     Testing server: Default-First-Site-Name\dc
        Starting test: Replications
           * Replications Check
           * Replication Latency Check
              DC=ForestDnsZones,DC=GRP,DC=LOCAL
                 Latency information for 7 entries in the vector were ignored.
                    7 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC).  
              DC=DomainDnsZones,DC=GRP,DC=LOCAL
                 Latency information for 7 entries in the vector were ignored.
                    7 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC).  
              CN=Schema,CN=Configuration,DC=GRP,DC=LOCAL
                 Latency information for 8 entries in the vector were ignored.
                    8 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC).  
              CN=Configuration,DC=GRP,DC=LOCAL
                 Latency information for 9 entries in the vector were ignored.
                    9 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC).  
              DC=GRP,DC=LOCAL
                 Latency information for 9 entries in the vector were ignored.
                    9 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC).  
           ......................... dc passed test Replications
        Test omitted by user request: Topology
        Test omitted by user request: CutoffServers
        Test omitted by user request: NCSecDesc
        Test omitted by user request: NetLogons
        Test omitted by user request: Advertising
        Test omitted by user request: KnowsOfRoleHolders
        Test omitted by user request: RidManager
        Test omitted by user request: MachineAccount
        Test omitted by user request: Services
        Test omitted by user request: OutboundSecureChannels
        Test omitted by user request: ObjectsReplicated
        Test omitted by user request: frssysvol
        Test omitted by user request: frsevent
        Test omitted by user request: kccevent
        Test omitted by user request: systemlog
        Test omitted by user request: VerifyReplicas
        Test omitted by user request: VerifyReferences
        Test omitted by user request: VerifyEnterpriseReferences
        Test omitted by user request: CheckSecurityError
     Running partition tests on : ForestDnsZones
        Test omitted by user request: CrossRefValidation
        Test omitted by user request: CheckSDRefDom
     Running partition tests on : DomainDnsZones
        Test omitted by user request: CrossRefValidation
        Test omitted by user request: CheckSDRefDom
     Running partition tests on : Schema
        Test omitted by user request: CrossRefValidation
        Test omitted by user request: CheckSDRefDom
     Running partition tests on : Configuration
        Test omitted by user request: CrossRefValidation
        Test omitted by user request: CheckSDRefDom
     Running partition tests on : GRP
        Test omitted by user request: CrossRefValidation
        Test omitted by user request: CheckSDRefDom
     Running enterprise tests on : GRP.LOCAL
        Test omitted by user request: Intersite
        Test omitted by user request: FsmoCheck
        Test omitted by user request: DNS
        Test omitted by user request: DNS
  On the second DC (DCR). I see SYSVOL, no files replicated, also theres no NETLOGON.

• Active Directory, 1 mac on the network, and how my hair turned grey early!

  Okay...here's the deal... I am using an iMac intel 2 ghz on a windows network. Active Directory/Exchange, the whole gammut. Wanted to connect the Tiger side to the networked mapped drives... I've tried configuring Directory Access and I have binded myself to the network. Problem is..the network drives and the network printers are not working. I've also tried the Go>Connect to Server route in the finder. Is it a problem with the SMB set up? What other details do you need for me to be able to resolve this. Thanks

  Sorry for being so vague. We have about 6 mapped drives here in the office. I don't even SEE them... When I click "servers" in the finder...I see all the computers on the network...but it says the alias' aren't correct. I actually have admin rights to the full network, and can even see the network printers...but when trying to print to one, I get: Unable to connect to SAMBA host, will retry in 60 seconds...DEBUG: cgpdftops - using PPD file"/ Then "Connection failed with error NTSTATUS (Couldn't catch the rest of the error...sorry)
  Thats about the gist of it.

• HT201358 Can ARD3 work with the Active Directory setup on a Windows machine and without the need of Open Directory

  We need the 'Golden Triangle' setup to work with ARD3 running on a Mac server with client Mac details retrieved from a Windows Active Directory. In this system, the ARD3 will be used to install packages from a Mac OS X server, where the client Mac list is gathered directly from a Windows Active Directory, which is already in place.
  So, please guide me whether Apple Remote Desktop 3 is capable of getting client machine details from an Active Directory without the need of re-creating the client Mac list in the Mac server running ARD3.
  If ARD3 can not be used in this case, do you recommend any other tools that can resolve our issue.
  Thank you in advance.
  Sudheesh.

  ARD cannot directly obtain client information from Active Directory, no. It may be possible to create a script that would get such information and be able to put it into ARD, but I wouldn't begin to know how to write such a script. You may also be able to bind your OS X Server to ARD and create groups there. This article is obsolete for 10.6 or later but may provide some clues as to how to proceed:
  http://support.apple.com/kb/TA24276
  There are a number of third-party systems that can manage Macs that may be able to draw information from AD, such as Casper, LANDesk, and others. Which if any would meet your needs depends on many factors including how many devices you need to manage, whether you're looking for a cross-platform tool, your budget, etc. This is a difficult issue to address in a forum like this since there are so many variables to be considered.
  Regards.

• Difference between sap 4.7e and Ecc6.0 in ABAP point of wiew

  hi experts,
  can any one explain about the differences b/n sap 4.7e and sap ecc6.0 in ABAP point of view.
  thanks in advance.
  rgds,
  nag.

  From the ABAP perspective.
  The WS_* function modules used in 4.6c has become obsolete from 4.7C. All the WS_* FMs have been replaced by GUI_* FMs.
  (ii) Concept of Unicode is introduced.
  (iii) Few tables have been modified in ECC6.0.
  Tables TVARV & TTREX have been replaced by TVARVC & TTREXN respectively.
  For functional differences please check out the following links:
  http://solutionbrowser.erp.sap.fmpmedia.com/
  Re: SAP version differences 4.5b, 4.6c and ECC6.0
  You can find the difference in release notes of each SAP version.
  Here are the links.
  http://help.sap.com/saphelp_47x200/helpdata/en/fc/e3003deddfae4de10000000a114084/frameset.htm
  http://help.sap.com/saphelp_scm50/helpdata/en/28/b34c40cc538437e10000000a155106/frameset.htm
  http://help.sap.com/saphelp_erp2005/helpdata/en/43/68805bb88f297ee10000000a422035/frameset.htm
  If its useful reward points

• Difference between SAP ECC5.0 and ECC6.0

  Dear Experts,
  Can anybody please explain the difference between SAP version ECC5.0 and ECC6.0 ?
  Thanks in Advance

  Hi Vijay,
  Solution Browser would give the differences (Features):
  http://solutionbrowser.erp.sap.fmpmedia.com/ Give source and target versions.
  Release Info:
  ECC 6.0:
  http://help.sap.com/saphelp_erp2005/helpdata/en/43/68805bb88f297ee10000000a422035/frameset.htm
  ECC 5.0:
  http://help.sap.com/saphelp_erp2004/helpdata/en/c6/feda40ebccb533e10000000a155106/frameset.htm
  You can find the difference in release notes of each SAP version.
  Here are the links.
  http://help.sap.com/saphelp_47x200/helpdata/en/fc/e3003deddfae4de10000000a114084/frameset.htm
  http://help.sap.com/saphelp_scm50/helpdata/en/28/b34c40cc538437e10000000a155106/frameset.htm
  http://help.sap.com/saphelp_erp2005/helpdata/en/43/68805bb88f297ee10000000a422035/frameset.htm
  Reg,
  Ashok
  Assign points if useful.

• Regarding Active directory configuration

  We have one PDC and one backup PDC and 272 ADC in our Organization .all server will communicate to PDC for replication as per the design. we are facing the the issue in replication domain dns zone and forest dns zone is not replicating getting 1722 error.
  we have created separate site link for all site and we put pdc site and local site in the site link. what is the best practice  for site link and cost and replication timing for 272 ADC from PDC.

  HI Amy,
  please find the attached replication report here domain partition is showing as never replicated and domain dns zone and forward DNS zone replication failed with 1722 error, please suggest on the same.
  Destination DSA   Site
  Destination DSA
  Naming Context
  Source DSA Site
  Source DSA
  Transport Type
  Number of Failures
  Last Failure Time
  Last Success Time
  Last Failure   Status
  SDC
  DSR-BLRSDC-DC01
  DC=DSR,DC=IN
  Puttur
  PUT_R1
  RPC
  0
  0
  (never)
  0
  SDC
  DSR-BLRSDC-DC01
  CN=Configuration,DC=DSR,DC=IN
  Puttur
  PUT_R1
  RPC
  0
  0
  12/10/2014 14:02
  0
  SDC
  DSR-BLRSDC-DC01
  CN=Schema,CN=Configuration,DC=DSR,DC=IN
  Puttur
  PUT_R1
  RPC
  0
  0
  12/10/2014 14:15
  0
  SDC
  DSR-BLRSDC-DC01
  DC=DomainDnsZones,DC=DSR,DC=IN
  Puttur
  PUT_R1
  RPC
  110
  12/10/2014 11:33
  (never)
  1256
  SDC
  DSR-BLRSDC-DC01
  DC=ForestDnsZones,DC=DSR,DC=IN
  Puttur
  PUT_R1
  RPC
  110
  12/10/2014 11:33
  (never)
  1256

• Difference between SAP 4.7 and ECC6.0

  Hi everyone
  can anybody tell me the difference between SAP4.7 and ECC6.0?

  Hi Anjali,
  There is lot difference between 4.6c and 6.0
  1) ecc 6.0 coming with inbuild webdynpro , BSP it is not 4.6c
  2) In ecc we have interactive forms concept where it was not there in 4.6c
  3) 4.6c there is no unicode concept here we have unicode and non unicode
  Reward point if helpful.
  Regards
  Sasikanth.Ch