Role of LDAP server in portal
HI
Can any one tell me what is the role of LDAP server in portal
Thanks
shashank
Hi Shashak,
if you use the LDAP Server as UME User Store, the security policy from the LDAP server is enforced. This means that if the data source has defined its own security policy, there is no standard interface to pass on any error messages received from the data source to the UME user in the same level of detail and in the correct language. The user only receives a very generic error message. Therefore, you would need to adapt the Portal security policy accordingly. You can find some further information under http://help.sap.com/saphelp_nw04/helpdata/en/7f/c52442ad9f5133e10000000a155106/frameset.htm.
More general information on LDAP integration you can find under http://help.sap.com/saphelp_nw04/helpdata/en/3b/68ff407765ed6fe10000000a1550b0/frameset.htm.
Best regards,
Joerg
Similar Messages
-
How to configaration in LDAP Server in portal?
Hi Experts,
I configare the LDAP Server in portal , but is not configare plz send me docs
Regards,
ChanduHi Check this out.
https://www.sdn.sap.com/irj/sdn/wiki?path=/display/ep/setting%2bup%2ban%2bldap%2bfor%2bthe%2bportal
Have a look at these BLOGS which tells you step step by approach to integrate LDAP with SAP EP.
Novell eDirectory 8.8 as UME Data Source for EP : Part I
https://www.sdn.sap.com/irj/sdn/weblogs?blog=/pub/wlg/2937. [original link is broken]
UME Data Source: LDAP
https://www.sdn.sap.com/irj/sdn/wiki?path=/display/ep/setting%2bup%2ban%2bldap%2bfor%2bthe%2bportal
Windows Integrated Authentication via Kerberos on an LDAP data source -
NTLM with LDAP
Browse these links.
UME Data Source: LDAP
https://www.sdn.sap.com/irj/sdn/wiki?path=/display/ep/setting%2bup%2ban%2bldap%2bfor%2bthe%2bportal
Check these:
https://wiki.sdn.sap.com/wiki/display/HOME/ConfigureLDAPand+EP
http://help.sap.com/saphelp_nw04/helpdata/en/cc/cdd93f130f9115e10000000a155106/frameset.htm
http://help.sap.com/saphelp_nw2004s/helpdata/en/48/d1d13f7fb44c21e10000000a1550b0/frameset.htm
https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/e1959b90-0201-0010-849c-d2b1d574768b
You can refer to the following weblinks for the same
HELP.SAP.COM
http://help.sap.com/saphelp_nw70/helpdata/EN/4e/4d0d40c04af72ee10000000a1550b0/frameset.htm
https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/e1959b90-0201-0010-849c-d2b1d574768b
FORUMS
LDAP Server settings for Configuring Multiple LDAP in Portal UME.
LDAP Configuration - Multiple domains
EP7 - Multiple LDAP sample file
SAP Note
736471 UME Configuration of multiple LDAP data sources -
Storing Portal Roles in LDAP server
Hi,
I want to use an LDAP server for user authentication to my portal. The documents I got from help.sap.com says about keeping an LDAP server for storing normal user attributes and the portal db for storing roles. Is there any way to store thr portal roles also in the LDAP server and retreive them for authentication. Please help
Thanks,
RanjithHi Ranjith,
There is no way to store the roles in the LDAP. They are kept in the portal DB. Also, portal roles aren't used for authentication like roles are in R/3. They are used mainly for determining what a user can see in the portal.
The authentication in the portal is based on the user id and password. when you log on to the portal. You will be assigned a role(s) for what you can see in the portal. The actual authentication to application come from the back end systems. For example, even if you have a portal role that lets you have access to a transaction in R/3, if you don't have the back end authorization you won't be able to get at the data.
I hope this helps
John -
Usage of external LDAP server with Portal
Hi All,
We are in a situation to use external LDAP server with WLP 8.1. These are the
constraints we have to deal with:
1. Only read is allowed from this LDAP server.
2. This would be used for authentication purpose
If thats the case, how can we use Visitor Entitlements/Delegated Admin and Group
creation using Portal Admin tool since this will write to the configured LDAP
server.
Can somebody answer my question:
1. Can we use external LDAP server - just for authetication (I know this is possible
by using JAAS LoginModule, but I just want to get confirmed on this ) and
2. Use default and embedded LDAP server for all others like Group/Visitor Entitlements/DAs.
Any relevant pointers are also welcome.
TIA,
Prashanth Bhat.Thanks for th ereply. Some of your answers are not clear. Can you pls eloborate
on this?? Pls see my comments below.
"Johnson" <[email protected]> wrote:
>
Phil,
Can I use embedded LDAP for production?
Thanks
Lawrence
"Phil Griffin" <BEA> wrote:
"Prashanth " <[email protected]> wrote in message
news:[email protected]..
Hi All,
We are in a situation to use external LDAP server with WLP 8.1. Theseare
the
constraints we have to deal with:
1. Only read is allowed from this LDAP server.
2. This would be used for authentication purpose
If thats the case, how can we use Visitor Entitlements/Delegated Adminand
Group
creation using Portal Admin tool since this will write to the configuredLDAP
server.
Can somebody answer my question:
1. Can we use external LDAP server - just for authetication (I knowthis
is possible
by using JAAS LoginModule, but I just want to get confirmed on this) and
>
You can add the external LDAP server just for authentication, but in
versions through
8.1 SP2 WLP will want to verify the user exists (via the UserReaderMBean)
during
the login process (this check has been removed in SP3). A work around
is to
duplicate
the user in a provider that does impl UserReaderMBean.
Prashanth : You mean to say we have to duplicate the User in embedded LDAP server
also??
>>
2. Use default and embedded LDAP server for all others like Group/VisitorEntitlements/DAs.
>
Yes, the default/embedded LDAP can still be used for DA/visitor
entitlements. In the current
release, the Portal Admin Tools can only be configured to use a single
authentication provider
while forming entitlements. In SP3, all configured providers are
listed/usable by the tools.Prashanth : How can we configure Portal Admin tool to use authentication provider
for entitlements??
>>
Any relevant pointers are also welcome.
TIA,
Prashanth Bhat. -
Using LDAP server in Login frame work
I need breaf explanation about how to use LDAP server in Portal for Login authontatication.
Any body now good documets please pass me those links.
Thanks,
Venkata SarvabatlaIn a nutshell, WebLogic Server has a pluggable security architecture. If you want your authentication provider to use your LDAP server then you can configure WebLogic Server to use your authentication provider. You configure your authentication provider to connect to your LDAP server. No code development is necessary.
WebLogic Portal Server is built on top of WebLogic Server so you get the pluggable security architecture by definition.
This security architecture has been around a long time and lots of customers use it so the documentation on it is pretty good. If you haven't configured a WebLogic Server LDAP authentication provider before then don't worry: it is not too difficult, but it is going to require that you go through the documentation. The link deepshet gave you is a good starting point. -
How can portal use two different LDAP Server in UME
Hi,
My question is Can UME in portal be configured for multiple LDAP sources.Currently i have a setting in portal
as follows:
Server Name : Abcd
port : 1234
user : CN=" ",Ou=" ",Ou=" ",Dc=AD,Dc=my company,Dc=com
password :
user path : DC=AD,Dc=My company,Dc=Com
group Path : same as user path
I want to configure one more LDAP server to my portal UME,how can give values for that in above sttings.I even want these current settings to be enabled.
Do anyone have idea on this.
Thanks and Regards
Rani AHi again ,
I know it can be done. But how urgent is this for you.
I can get back to you in couple of days, me lil busy today.
cheers,
Anu... -
Portal and Netscape LDAP server integration
Hi,
I am trying to integrate Netscape LDAP server (6.0) with portal server 7, but
having lots of trouble doing that.
I've followed the instructions in the developer guide and completed the following
steps:
1. added a CustomRealm named defaultLDAPRealmForNetscapeDirectoryServer in config.xml
and modified the entries to fit my environment.
2. Deployed ldapprofile.jar and customized the env variables.
After these two steps, nothing happened. Then I did the third step:
3. added a iPlanet Authenticator to the realm CompatibilityRealm, which is my
default realm for the server.
However, after step 3, I wasn't able to boot weblogic server. Please note I have
create two users, system and weblogic in my LDAP server.
I copied the stack trace below. Any suggestions will be greatly appreciated.
Weiguo
C:\prog\bea\user_projects\portalDemoDomain>"C:\prog\bea\jdk131_03\bin\java" -hotspot
-Xms128m -Xmx128m -XX:MaxPermSize=128m -Dcommerce.properties="C:\prog\bea\weblogic700\portal\weblogiccommerce.properties"
-Dweblogic.Name=portalDemoServer
-Dbea.home="C:\prog\bea" -Dweblogic.management.username= -Dweblogic.management.p
assword= -Dweblogic.ProductionModeEnabled=true -Dweblogic.management.discover=fa
lse -Djava.security.policy=="C:\prog\bea\weblogic700\server\lib\weblogic.policy"
weblogic.Server
<Nov 4, 2002 1:18:45 PM EST> <Info> <Security> <090065> <Getting boot identity
from user.>
Enter username to boot WebLogic server:weblogic
Enter password to boot WebLogic server:
Starting WebLogic Server...
<Nov 4, 2002 1:19:06 PM EST> <Notice> <Management> <140005> <Loading configuration
C:\prog\bea\user_projects\portalDemoDomain\.\config.xml>
<Nov 4, 2002 1:19:21 PM EST> <Notice> <Security> <090093> <No configuration data
was found on server portalDemoServer for realm CompatibilityRealm.>
<Nov 4, 2002 1:19:21 PM EST> <Notice> <Security> <090082> <Security initializing
using realm CompatibilityRealm.>
<Nov 4, 2002 1:19:21 PM EST> <Critical> <WebLogicServer> <000364> <Server failed
during initialization. Exception:java.lang.SecurityException: Authentication for
user weblogic denied
java.lang.SecurityException: Authentication for user weblogic denied at
weblogic.security.service.SecurityServiceManager.doBootAuthorization(
SecurityServiceManager.java:1028)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityS
erviceManager.java:1166)
at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:697)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:589)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:277)
at weblogic.Server.main(Server.java:32)
>
<Nov 4, 2002 1:19:21 PM EST> <Emergency> <WebLogicServer> <000342> <Unable to
in
itialize the server: Fatal initialization exception
Throwable: java.lang.SecurityException: Authentication for user weblogic denied
java.lang.SecurityException: Authentication for user weblogic denied
at weblogic.security.service.SecurityServiceManager.doBootAuthorization(
SecurityServiceManager.java:1028)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityS
erviceManager.java:1166)
at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:697)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:589)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:277)
at weblogic.Server.main(Server.java:32)
>
The WebLogic Server did not start up properly.
Exception raised:
java.lang.SecurityException: Authentication for user weblogic denied
at weblogic.security.service.SecurityServiceManager.doBootAuthorization(
SecurityServiceManager.java:1028)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityS
erviceManager.java:1166)
at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:697)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:589)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:277)
at weblogic.Server.main(Server.java:32)
Reason: Fatal initialization exception
Throwable: java.lang.SecurityException: Authentication for user weblogic denied
java.lang.SecurityException: Authentication for user weblogic denied
at weblogic.security.service.SecurityServiceManager.doBootAuthorization(
SecurityServiceManager.java:1028)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityS
erviceManager.java:1166)
at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:697)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:589)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:277)
at weblogic.Server.main(Server.java:32)Thanks a lot Scott. I followed your instructions and got it working to a certain
degree. I am pretty happy about the results.
There are still a few issues:
1. I had to create groups and users in my directory server in order to boot up
and logon to the server. This is expected, but is it possible to export these
user/group settings from the embedded LDAP server so that I can import them into
my directory server? Currently, the only way is manual and it's error prone. A
lot of trial and error has to happen to get there.
2. It seems that using Netscape LDAP server only allows read-only access. This
means we have to create new users/groups outside of the portal server and one
other side effect is self-registration is impossible, unless we use custom security
providers. Is this assessment correct? Since LDAP integration is so important,
wouldn't it be nice if BEA have that built-in and all we need to do is to switch
to and configure it?
3. I got duplicate users and groups in compatibility security. Obviously, one
set is from my LDAP server and the other is from the embedded one. I tried to
remove to embedded LDAP authenticator, but the duplicates are still there. How
can I get rid of the duplicates - I only want the ones from my LDAP server?
Thanks again Scott.
Weiguo
Scott Dunbar <[email protected]> wrote:
Weiguo,
WLP 7.0 uses a compatibility realm only and will not work with the
custom realm that you created for the Netscape directory server.
Configuring an LDAP compatibility realm isn't too bad and its
configuration is much like 4.0. However, it can be hard to configure
initially from the console. One way is to shut your server down and
modify config.xml directly - but make sure you make a backup copy first!
Then add something like:
<CachingRealm BasicRealm="myRealm" CacheCaseSensitive="true"
Name="wlcsCachingRealm"/>
<CustomRealm
ConfigurationData="user.filter=(&(uid=%u)(objectclass=person));
user.dn=ou=people,dc=beasys,dc=com;
server.principal=uid=dirmanager,ou=people,dc=beasys,dc=com;
membership.filter=(&(uniquemember=%M)(objectclass=groupofuniquenames));
group.filter=(&(cn=%g)(objectclass=groupofuniquenames));
server.host=somehost.beasys.com;
group.dn=ou=groups,dc=beasys,dc=com"
Name="myRealm" Password="your_password_here"
RealmClassName="weblogic.security.ldaprealmv2.LDAPRealm"/>
will enable your LDAP server. After this is setup it will be much
easier to configure via the console. Obviously you'll need to update
the parameters above for your configuration.
Weiguo Wang wrote:
Hi,
I am trying to integrate Netscape LDAP server (6.0) with portal server7, but
having lots of trouble doing that.
I've followed the instructions in the developer guide and completedthe following
steps:
1. added a CustomRealm named defaultLDAPRealmForNetscapeDirectoryServerin config.xml
and modified the entries to fit my environment.
2. Deployed ldapprofile.jar and customized the env variables.
After these two steps, nothing happened. Then I did the third step:
3. added a iPlanet Authenticator to the realm CompatibilityRealm, whichis my
default realm for the server.
However, after step 3, I wasn't able to boot weblogic server. Pleasenote I have
create two users, system and weblogic in my LDAP server.
I copied the stack trace below. Any suggestions will be greatly appreciated.
Weiguo
C:\prog\bea\user_projects\portalDemoDomain>"C:\prog\bea\jdk131_03\bin\java"-hotspot
-Xms128m -Xmx128m -XX:MaxPermSize=128m -Dcommerce.properties="C:\prog\bea\weblogic700\portal\weblogiccommerce.properties"
-Dweblogic.Name=portalDemoServer
-Dbea.home="C:\prog\bea" -Dweblogic.management.username= -Dweblogic.management.p
assword= -Dweblogic.ProductionModeEnabled=true -Dweblogic.management.discover=fa
lse -Djava.security.policy=="C:\prog\bea\weblogic700\server\lib\weblogic.policy"
weblogic.Server
<Nov 4, 2002 1:18:45 PM EST> <Info> <Security> <090065> <Getting bootidentity
from user.>
Enter username to boot WebLogic server:weblogic
Enter password to boot WebLogic server:
Starting WebLogic Server...
<Nov 4, 2002 1:19:06 PM EST> <Notice> <Management> <140005> <Loadingconfiguration
C:\prog\bea\user_projects\portalDemoDomain\.\config.xml>
<Nov 4, 2002 1:19:21 PM EST> <Notice> <Security> <090093> <No configurationdata
was found on server portalDemoServer for realm CompatibilityRealm.>
<Nov 4, 2002 1:19:21 PM EST> <Notice> <Security> <090082> <Securityinitializing
using realm CompatibilityRealm.>
<Nov 4, 2002 1:19:21 PM EST> <Critical> <WebLogicServer> <000364> <Serverfailed
during initialization. Exception:java.lang.SecurityException: Authenticationfor
user weblogic denied
java.lang.SecurityException: Authentication for user weblogic deniedat
weblogic.security.service.SecurityServiceManager.doBootAuthorization(
SecurityServiceManager.java:1028)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityS
erviceManager.java:1166)
at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:697)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:589)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:277)
at weblogic.Server.main(Server.java:32)
<Nov 4, 2002 1:19:21 PM EST> <Emergency> <WebLogicServer> <000342><Unable to
in
itialize the server: Fatal initialization exception
Throwable: java.lang.SecurityException: Authentication for user weblogicdenied
java.lang.SecurityException: Authentication for user weblogic denied
at weblogic.security.service.SecurityServiceManager.doBootAuthorization(
SecurityServiceManager.java:1028)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityS
erviceManager.java:1166)
at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:697)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:589)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:277)
at weblogic.Server.main(Server.java:32)
The WebLogic Server did not start up properly.
Exception raised:
java.lang.SecurityException: Authentication for user weblogic denied
at weblogic.security.service.SecurityServiceManager.doBootAuthorization(
SecurityServiceManager.java:1028)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityS
erviceManager.java:1166)
at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:697)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:589)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:277)
at weblogic.Server.main(Server.java:32)
Reason: Fatal initialization exception
Throwable: java.lang.SecurityException: Authentication for user weblogicdenied
java.lang.SecurityException: Authentication for user weblogic denied
at weblogic.security.service.SecurityServiceManager.doBootAuthorization(
SecurityServiceManager.java:1028)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityS
erviceManager.java:1166)
at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:697)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:589)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:277)
at weblogic.Server.main(Server.java:32)
scott dunbar bea systems,
inc.
[email protected] boulder, co
303 998 2125 usa -
Portal 7 and embedded LDAP server
I searched for this on support but nothing much came up on Portal 7, so here
goes:
We're thinking of moving to LDAP for user authentication. LDAP 2 is
supported by the current Portal. What LDAP version is supported by the
embedded LDAP server that comes with WLS? Can I convert sooner or later?
Do I have to wait on something?
Should I put off putting my users into LDAP 2 (OpenLDAP) or wait and use the
embedded LDAP?
Thanks,
SteveTure,
Can use LDAP for UUP without using it for authentication/authorization? If so,
how, or at least can you kindly point to a document that descrips how?
Thanks
Ture Hoefner <[email protected]> wrote:
Hello Steve,
I think you may be confusing the LDAP v2 specification with the WLS
6.x, 7.x
V2 LdapRealm. The "V2" in "V2 LdapRealm" does not have anything to do
with the
LDAP v2 spec. It is just version 2 of the LdapRealm (
http://e-docs.bea.com/wls/docs70/secmanage/security6.html#1071872 )
Portal
doesn't really care which LDAP server you are using (and it works with
both the
original LdapRealm and the V2 LdapRealm).
When using Portal with LDAP, there are three things you can use it
for:
1) authentication/authorization, using WLS security framework, and/or
2) read-only Unified User Profile (UUP) via LdapPropertyManager in
ldapprofile.jar to get user properties from LDAP, and/or
3) read/write UUP via your own custom EntityPropertyManager to get/set
user
properties from LDAP.
If you are using LDAP for authentication/authorization, then just follow
instructions from WLS for configuring it. Your Portal app is a J2EE
app that
will use this service from your WLS app server.
If you are using LDAP for a UUP then it doesn't really matter which LDAP
server
you use, as long as it really follows the LDAP spec. Portal just uses
JNDI to
search for attributes in the LDAP server and provides them to you as
user
properties.
Steve Lewis wrote:
I searched for this on support but nothing much came up on Portal 7,so here
goes:
We're thinking of moving to LDAP for user authentication. LDAP 2 is
supported by the current Portal. What LDAP version is supported bythe
embedded LDAP server that comes with WLS? Can I convert sooner orlater?
Do I have to wait on something?
Should I put off putting my users into LDAP 2 (OpenLDAP) or wait anduse the
embedded LDAP?
Thanks,
Steve--
Ture Hoefner
BEA Systems, Inc.
4001 Discovery Drive
Suite 340
Boulder, CO 80303
www.bea.com -
Steps for portal and Microsoft LDAP server integration
Hi,
Could any one guide me steps for portal and Microsoft LDAP server integration. Need it urgently.
Thanks in advance.
Regards,
NirajPlease don't cross post in multiple forums..
-
Using Portal Server's DS 5.1 as a general LDAP server
Does anybody use the Portal Server's "built in" Directory Server 5.1 as a general LDAP server? For instance, using the DS to authenticate workstations?
When I installed our Portal Server 6.0, I installed it on a seperate host so I could use it for other things besides just the Portal Server.
Before I went this route, I spoke with a Sun engineer and he said it was just like the "full blown" DS 5.1. I figured "Why have two directory servers when one will do the job for everything?"
Now that I am eyeball deep in this project and about to go production, a different Sun engineer says not to do this because the portal server "wants to have the dir server all to itself." That's a real technical answer.
Does anybody else do this and have you run into any problems?
The Directory Server should scale just fine for our portal server and the little bit of misc use elsewhere.
Any insight would be helpful.Hi,
because the portal server "wants to have the dir server >> all to itself." That's a real technical answer.- ?! Why is that?! - asked I the portal and my
portal told me, that he wouldn't mind to share
his user directory with other appications e.g. calendar/im/mail servers...
Just kidding,
It is actually nice to have one userbase in one clean directory!
Cheers,
Alex :-) -
Hi,
I'm currently working on a portal project, where i will need to integrate WLP
8.1 w/ existing LDAP server(like Sun One Directory). I want to know how to..
1. integrate WLP 8.1 w/ existing LDAP directory server (Sun One Directory). If
so can WLP can be configured to use Sun One for authorization?
2. If not possible, is WL LDAP server full LDAP v3 compliant? is there a way to
synchronize WL LDAP w/ Sun One Directory?
Thanks in advance,
Venkihi venki..
in fact i m facing the same issue..
if u ve made any progress in this regard..please let me know
any help will be appreciated..
thnks -
Second posting : Usage of embedded Portal LDAP server -
Hi All,
How to configure many instances of WLP 8.1 to use only one of it's embedded LDAP
server??
What i mean by this is that, suppose there are 5 instances of Portal, by default,all
of thse use their own LDAP servers.
But i want to configure in such a way that all 5 instances use any one of the
embedded LDAP of one of these 5 instances.
How to configure this ??
TIA, Prashanth Bhat.Prashanth,
By default, all instances of WLP enterprise apps use the same embedded
LDAP if they are within the same domain, since everything in the same
domain shares a single security realm. Of course, a security realm can
aggregate multiple LDAP servers via the addition of security providers.
I'm not aware of any easy way to share one domain's embedded LDAP
with another domain's security realm (if that is what you're asking). It
may be possible to expose it via a read only, custom atn provider you
would have to write.
-Phil
"Prashanth " <[email protected]> wrote in message
news:[email protected]..
>
Hi All,
How to configure many instances of WLP 8.1 to use only one of it'sembedded LDAP
server??
What i mean by this is that, suppose there are 5 instances of Portal, bydefault,all
of thse use their own LDAP servers.
But i want to configure in such a way that all 5 instances use any one ofthe
embedded LDAP of one of these 5 instances.
How to configure this ??
TIA,
Prashanth Bhat. -
How can I map LDAP departments to portal groups?
Hi All,
we connected our NW 7.0 Portal to the corporate LDAP server using the profile dataSourceConfiguration_novell_readonly_db.xml. Connection is up and running and the UME lists all users from the LDAP and they can logon.
The LDAP cannot provide any groups or roles. However, it provides a department name for every user.
My question is if it is possible to make a user automatically a member of a portal group named like the department he or she is working in and how this mapping can be achieved.
I downloaded the XML-file and studied the SAP-help concearning this matter, but I'm a little lost because of all the different tags of the XML-file and I don't quite comprehend how the mapping is done exactly. I'm not that keen on experimenting with the different tags since this requires frequent portal restarts and there seem to be many possible combinations.
I figure my request is not that exotic so maybe someone has done that before. Could someone out there help? It would be very much appreciated.
Thanks a lot in advance,
JensHi Jens,
There is an easier way to do this. Since you provide a department name for every user, configure virtual groups to use the department attribute.
http://help.sap.com/saphelp_nw04s/helpdata/en/43/fcfa2942ed7067e10000000a1553f6/frameset.htm
Configure the department names you use and the UME will generate virtual groups based on the department names at runtime.
-Michael -
Problem with LDAP in BEA Portal
Problem with LDAP in BEA Portal
I have a list of 50 user which should be cerated in portal staging(devlopment) machine and should be transfered to
production machine using LDAP
Steps which i followed to create Users
1.Create User Profile with 2 parameters branch and Role
2.I have list user in the Xls file with Username,password ,branch and Role
3.Write a java File which will read the Xls File
4.The users are created in the staging machine for the portal
Steps which i followed in LDAP to tranfer the created User form Devlopment to Production
1.Export the created user from Devlopment (which was moved as .DAT in my local directory)
2.import the user from local direcory to production machine
The Users are imported in the production machine with username and password but the role and branch values are empty
We need a solution for importing the user with role and branch corresponding to each user.
Thanks in Adv
SureshIn Portal 8.1, user name and password in stored in LDAP where as user profile values are stored in database. That is the reason you are not able to see the user profile values.
Check once again whether you can see these values through admin tool. In case,it is not(after confirmation again),you might have to use APIs to do this for you incase you dont want to manage through Admin Tool.
Thanks,
Prashanth Bhat. -
How to use company users on existing ldap server as EP6.0 sp2 Users?
Hi everybody
Our company user data is on a LDAP server we want to connect our EP6 UME to this existing LDAP server so that existing company users can access the Portal with their company id and password. What configuration we should do on the portal ?
thanks and regards
RajendraHi!
Look at Admin Guide:
Administration Guide->Portal Platform->System Administration->User Management Configuration->Configuration of Data Sources Used for User Management->Defining an LDAP Directory as a Data Source
WBR, Lnk
Maybe you are looking for
-
How can I have 2 iMacs in different locations communicate?
I have 2 iMacs located 100 miles from each other. Both are connected to internet by highspeed cable. Is there any way I can get something from the hard drive of the other, communicate between the two? Thanks for any suggestions.
-
Stateful Session Bean Initialization (EJB 3.0)
Hi all! In EJB 2.1 the initialization was with create (args) methods. NOw, how is it exploited? Create methods are no more there and there must be a way to send parameters to the stateful session bean when it is newly created...isn't it? Thank you!
-
How can we call a C program in Labview
Hi a) In one of our application we have to call a C progran in Labview. I am not able to call it. Can somebody help me. b) When we call a C program ,is Labview makes block diagram for it. Please reply Thanking You
-
I cannot use java jre in lion, I cannot use java jre in lion
Hi I need to use an online banking service which requires Java - I have ensured that my Java is fully up to dat and even installed the developers version but I cannot access the online banking service. I am using Lion - any ideas?
-
How Can We Trace Out Delivery Against Production Order
Dear All How can I check the delivered Qty(invoicing) Against Production Order . For Egg :-order qty Is 50000 Like 1 P.O-10000 2. P.O-5000 3. P.O-2500 And Despatch Or invoicing of 12500 qty. Then Through which report i can Find out T