Former Member

AS JAVA integration with AD

Hello,

We want to integrate AS JAVA with AD for the purpose of authentication. This means that when a user logs in to the IDM UI, his/her password will be authenticated against AD. Is this integration possible without provisioning the user into AS JAVA? I want the user to log in to the IDM UI and raise a self-service request without user provisioning to AS JAVA. Is it possible or advisable to implement it this way?

Thanks,

Dhiman Paul.


3 Answers

  • Former Member
    Posted on Dec 04, 2013 at 09:30 AM

    Hi Dhiman,

    Yes, it is possible to have AS JAVA authenticating against AD. During the configuration of data sources in identity management of AS JAVA, select Microsoft ADS (Deep Hierarchy) + Database as the data source and provide the required details.

    I would suggest that you implement it in such a way that you provision the user to AS JAVA as well, so that all the systems connected with IDM will have the identity information. Any specific reason you don't want to provision to AS JAVA?

    Also, as per my knowledge, it should work even if the user is not provisioned to AS JAVA, as the authentication actually happens against AD.

    For more information, see LDAP Directory as Data Source (SAP Library - Identity Management of the Application Server Java).

    Thanks,

    Krishna.


  • Posted on Dec 04, 2013 at 12:44 PM

    Dhiman Paul wrote:

    We want to integrate AS JAVA with AD for the purpose of authentication. This means that when a user logs in to the IDM UI, his/her password will be authenticated against AD. Is this integration possible without provisioning the user into AS JAVA?

    It works if the Portal UME is pointed to AD and you have configured your IdM Portal Role so that authenticated users ("authenticated users" Portal group) will get the self-service access. But the user must exist in IdM.

    Check out the IdM UI installation guide; the configuration of the IdM Portal Role is explained there.

    regards, Tero


  • Former Member
    Posted on Dec 18, 2013 at 06:26 PM

    Hi,

    I am able to configure AD as the authentication source for AS JAVA login. Now the user's password is getting authenticated against AD. But I have encountered another problem.

    A user is locked in AD, but the user is able to log in to the AS JAVA IDM UI. In reality, the user's authentication must fail as he is locked in AD. It looks to me like the AD to AS JAVA automatic synchronization is not working properly.

    Any thoughts on how I can resolve this?

    Thanks,

    Dhiman Paul.

