Skip to Content
author's profile photo Former Member
Former Member

Discover AD user domain through security.api

Hi SAP Experts!

I'd like some help.

We are using the default "dataSourceConfiguration_ads_readonly_db.xml" configuration to access our Active Directory server.

Is it possible to find user domain through com.sap.security.api?

DOMAIN/user

Thanks in advance.

Regards,

Thales Pires

Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

2 Answers

  • Posted on Dec 13, 2013 at 01:29 PM

    Hi Thales,

    I don't have an environment to test this, but looking at the following excerpt of dataSourceConfiguration_ads_readonly_db.xml:

    <principal type="account">

    <nameSpace name="com.sap.security.core.usermanagement">

    <attribute name="j_user"/>

    <attribute name="logonalias"/>

    <attribute name="j_password"/>

    <attribute name="userid"/>

    </nameSpace>

    <nameSpace name="com.sap.security.core.authentication">

    <attribute name="principal"/>

    <attribute name="realm"/>

    <attribute name="domain"/>

    </nameSpace>

    </principal>

    I assume that the following code will do what you want:

        return UMFactory
              .getInstance()
              .getUserFactory()
              .getUserByLogonID("Administrator") //replace this with the logon ID you're interested in
              .getUserAccounts()[0]
              .getAttribute("com.sap.security.core.authentication", "domain")[0];
    

    For production purposes, you'll want to add some exception and NULL handling to the above code, of course. Let me know if it works.

    BR, Lambert

    Add a comment
    10|10000 characters needed characters exceeded

    • Former Member

      Thanks for your reply Lambert, but it didn't work.

      I solve this by mapping the attribute domain to AD attribute userPrincipalName.

      Thus, I could parse it to get user domain name.

      Regards,

      Thales Pires

  • author's profile photo Former Member
    Former Member
    Posted on Dec 11, 2013 at 06:42 PM

    This question isn't answered yet.

    I've clicked on "Assumed Answered" by a mistake.

    I appreciate any help.

    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.