Former Member

AD and IDM UME integration

Hi Experts,

  Today we did a few configuration steps related to AD and UME integration, which didn't go well. Please provide your valuable suggestions to overcome the issues. The steps we followed are:

1. We created a service user in AD

2. Configured the service user with an SPN (service principal name)

3. Logged into NWA: http://hostname:port/nwa

4. Did the UME configuration; please check the attached doc for screenshots

5. Restarted AS Java

We are looking to load the AD users into UME; could you please suggest what needs to be done after these steps?

Thanks,

Lokesh

bbb.png (5.9 kB)
aaa.png (9.7 kB)

3 Answers

  • Best Answer
    Jan 14, 2015 at 01:54 PM

    But can those users log in to the portal?

  • Jan 13, 2015 at 07:35 PM

    Hello Lokesh,

    we're not so great at mind reading here. 😉 So you need to share what exactly "doesn't go well". If you just need more steps to do, you should consult the documentation. Searching here on SCN also helps a lot, but we're not going to do that for you.

    So please share some more information about where you are stuck and need help.

    Regards,

    Steffi.


    • Former Member Steffi Warnecke

      Hi,

      When we try to access the IDM UI, i.e.

      http://hostname:port/idm

      with the username of an AD user and the AD password (which is fetched in IDM UME with LDAP as the data source)

      Error: authentication failed

      The log we found in UME is:

      LOGIN.FAILED

      User: N/A

      IP Address: ******

      Authentication Stack: sap.com/tc~wd~dispwda*webdynpro_dispatcher

      Login Module                                                               Flag        Initialize  Login      Commit     Abort      Details

      1. com.sap.security.core.server.jaas.EvaluateTicketLoginModule             SUFFICIENT  ok          false                 true     

      2. com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule   REQUISITE   ok          exception             true       Authentication did not succeed.

      3. com.sap.security.core.server.jaas.CreateTicketLoginModule               OPTIONAL    ok                                true      
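
Added example (not part of the original thread and not SAP code): the login-module table from the log above, parsed by column offset and walked with the standard JAAS control-flag rules to show which module decided the failed login. The fixed column widths and the treatment of every Login value other than `true` as a failure are assumptions.

```python
import re

# Constructed sample: the three rows from the LOGIN.FAILED entry above,
# re-padded to fixed column widths (the widths are an assumption).
FMT = "{:<75}{:<12}{:<12}{:<11}{:<11}{:<11}{}"
ROWS = [
    ("Login Module", "Flag", "Initialize", "Login", "Commit", "Abort", "Details"),
    ("1. com.sap.security.core.server.jaas.EvaluateTicketLoginModule", "SUFFICIENT", "ok", "false", "", "true", ""),
    ("2. com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule", "REQUISITE", "ok", "exception", "", "true", "Authentication did not succeed."),
    ("3. com.sap.security.core.server.jaas.CreateTicketLoginModule", "OPTIONAL", "ok", "", "", "true", ""),
]
SAMPLE = "\n".join(FMT.format(*r) for r in ROWS)

def parse_stack(text):
    """Slice each row at the header's column offsets so empty cells stay empty."""
    header, *rows = [l for l in text.splitlines() if l.strip()]
    cols = [(m.group(), m.start()) for m in re.finditer(r"\S+(?: \S+)*", header)]
    ends = [start for _, start in cols[1:]] + [None]
    mods = []
    for row in rows:
        cell = {name: row[start:end].strip() for (name, start), end in zip(cols, ends)}
        cell["Login Module"] = cell["Login Module"].split(". ", 1)[-1]  # drop "1. "
        mods.append(cell)
    return mods

def evaluate(mods):
    """Apply JAAS control-flag rules; return (authenticated, deciding module)."""
    failed = None       # first REQUIRED/REQUISITE module whose login failed
    succeeded = None    # last module whose login returned true
    for m in mods:
        ok = m["Login"] == "true"  # assumption: "false", "exception", "" all mean failure
        if ok:
            succeeded = m["Login Module"]
        elif m["Flag"] in ("REQUIRED", "REQUISITE"):
            failed = failed or m["Login Module"]
        # A REQUISITE failure and a SUFFICIENT success both stop the walk.
        if (m["Flag"] == "REQUISITE" and not ok) or (m["Flag"] == "SUFFICIENT" and ok):
            break
    if failed:
        return False, failed
    return succeeded is not None, succeeded

if __name__ == "__main__":
    print(evaluate(parse_stack(SAMPLE)))
```

The empty Login cell for CreateTicketLoginModule matches the REQUISITE rule: the stack stops at the failed password module, so the ticket module's login is never called.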

  •
    Former Member
    Jan 14, 2015 at 10:19 PM

    Judging by your screenshot, you haven't provided a user path. Pick one of your AD users that can't log in and find their location in Active Directory. Provide this location in your LDAP UME config and restart the system... then try to log in again with that user.

    <KC>
