UME, Configuration of More Than One LDAP Data Source

Former Member
0 Kudos

Hi, we've configured the UME of our Portal Server to query two LDAPs; we have two separate domains with different users (dom1 and dom2).

The validations work well (both domains), but when we try to list users (for example to assign permissions) the system couldn't find dom2 users, but dom1 works well.

We followed the attached link to configure the data source file, which I attached too.

-


<dataSource id="CORP_LDAP_RM"
    className="com.sap.security.core.persistence.datasource.imp.LDAPPersistence"
    isReadonly="true"
    isPrimary="true">
.....
  <privateSection>
    <ume.ldap.access.server_name>ssmadtcdrm02.la.gr.repsolypf.com</ume.ldap.access.server_name>
    <ume.ldap.access.server_port>389</ume.ldap.access.server_port>
    <ume.ldap.access.ssl>false</ume.ldap.access.ssl>
    <ume.ldap.access.user>dl_repsol\USLDAPPDO</ume.ldap.access.user>
    <ume.ldap.access.password>$ume.ldap.access.additional_password.2</ume.ldap.access.password>
    <ume.ldap.access.base_path.user>OU=USUARIOS,DC=rm,DC=gr,DC=repsolypf,DC=com</ume.ldap.access.base_path.user>
    <ume.ldap.access.base_path.grup>OU=GRUPOS,DC=rm,DC=gr,DC=repsolypf,DC=com</ume.ldap.access.base_path.grup>
    <ume.ldap.access.server_type>MSADS</ume.ldap.access.server_type>
    <ume.ldap.access.context_factory>com.sun.jndi.ldap.LdapCtxFactory</ume.ldap.access.context_factory>
    <ume.ldap.access.authentication>simple</ume.ldap.access.authentication>
    <ume.ldap.access.flat_group_hierachy>false</ume.ldap.access.flat_group_hierachy>
    <ume.ldap.access.user_as_account>true</ume.ldap.access.user_as_account>
    <ume.ldap.access.dynamic_groups>false</ume.ldap.access.dynamic_groups>
    <ume.ldap.access.ssl_socket_factory>com.sap.security.core.server.https.SecureConnectionFactory</ume.ldap.access.ssl_socket_factory>
    <ume.ldap.access.objectclass.user>User</ume.ldap.access.objectclass.user>
    <ume.ldap.access.objectclass.uacc>User</ume.ldap.access.objectclass.uacc>
    <ume.ldap.access.objectclass.grup>organizationalUnit</ume.ldap.access.objectclass.grup>
    <ume.ldap.access.naming_attribute.user>cn</ume.ldap.access.naming_attribute.user>
    <ume.ldap.access.auxiliary_naming_attribute.user>samaccountname</ume.ldap.access.auxiliary_naming_attribute.user>
    <ume.ldap.access.naming_attribute.uacc>cn</ume.ldap.access.naming_attribute.uacc>
    <ume.ldap.access.auxiliary_naming_attribute.uacc>samaccountname</ume.ldap.access.auxiliary_naming_attribute.uacc>
    <ume.ldap.access.naming_attribute.grup>ou</ume.ldap.access.naming_attribute.grup>
....
  </privateSection>
</dataSource>

<dataSource id="CORP_LDAP_LA"
    className="com.sap.security.core.persistence.datasource.imp.LDAPPersistence"
    isReadonly="true"
    isPrimary="true">
....
  <privateSection>
    <ume.ldap.access.server_name>ssbuetydla02.la.gr.repsolypf.com</ume.ldap.access.server_name>
    <ume.ldap.access.server_port>389</ume.ldap.access.server_port>
    <ume.ldap.access.ssl>false</ume.ldap.access.ssl>
    <ume.ldap.access.user>dl_ypf\USLDAPPDO</ume.ldap.access.user>
    <ume.ldap.access.password>$ume.ldap.access.additional_password.1</ume.ldap.access.password>
    <ume.ldap.access.base_path.user>OU=USUARIOS,DC=la,DC=gr,DC=repsolypf,DC=com</ume.ldap.access.base_path.user>
    <ume.ldap.access.base_path.grup>OU=GRUPOS,DC=la,DC=gr,DC=repsolypf,DC=com</ume.ldap.access.base_path.grup>
    <ume.ldap.access.server_type>MSADS</ume.ldap.access.server_type>
    <ume.ldap.access.context_factory>com.sun.jndi.ldap.LdapCtxFactory</ume.ldap.access.context_factory>
    <ume.ldap.access.authentication>simple</ume.ldap.access.authentication>
    <ume.ldap.access.flat_group_hierachy>false</ume.ldap.access.flat_group_hierachy>
    <ume.ldap.access.user_as_account>true</ume.ldap.access.user_as_account>
    <ume.ldap.access.dynamic_groups>false</ume.ldap.access.dynamic_groups>
    <ume.ldap.access.ssl_socket_factory>com.sap.security.core.server.https.SecureConnectionFactory</ume.ldap.access.ssl_socket_factory>
    <ume.ldap.access.objectclass.user>User</ume.ldap.access.objectclass.user>
    <ume.ldap.access.objectclass.uacc>User</ume.ldap.access.objectclass.uacc>
    <ume.ldap.access.objectclass.grup>organizationalUnit</ume.ldap.access.objectclass.grup>
    <ume.ldap.access.naming_attribute.user>cn</ume.ldap.access.naming_attribute.user>
    <ume.ldap.access.auxiliary_naming_attribute.user>samaccountname</ume.ldap.access.auxiliary_naming_attribute.user>
    <ume.ldap.access.naming_attribute.uacc>cn</ume.ldap.access.naming_attribute.uacc>
    <ume.ldap.access.auxiliary_naming_attribute.uacc>samaccountname</ume.ldap.access.auxiliary_naming_attribute.uacc>
    <ume.ldap.access.naming_attribute.grup>ou</ume.ldap.access.naming_attribute.grup>
....
  </privateSection>
</dataSource>

</dataSources>

-


I was wondering if anybody could help us as soon as possible.

Thanks in advance!

Accepted Solutions (1)

Former Member
0 Kudos

Hi,

Do confirm if you are fulfilling the following condition mentioned in SAP Note 673824.

Multiple directory servers

You can use in the UME up to 5 different directory servers in parallel. There is one limitation, users and groups belonging together have to be stored in the same directory server.
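
An added example, not part of the thread and not SAP code: a small audit of a data source file laid out like the excerpt in the question, checking the five-server limit quoted above and flagging any source that combines `ssl` = `false` with `simple` authentication, where the bind password crosses the network unencrypted. The sample hosts and DNs are constructed placeholders, and comparing the DC components of the user and group base paths is a heuristic assumed here for the "same directory server" condition.

```python
import xml.etree.ElementTree as ET

MAX_DIRECTORY_SERVERS = 5  # limit quoted from SAP Note 673824 in the answer above
PREFIX = "ume.ldap.access."

# Constructed sample in the layout of the posted excerpt; hosts and DNs are placeholders.
SAMPLE = """<dataSources>
 <dataSource id="LDAP_A" isReadonly="true" isPrimary="true"><privateSection>
  <ume.ldap.access.server_name>dc-a.example.test</ume.ldap.access.server_name>
  <ume.ldap.access.ssl>false</ume.ldap.access.ssl>
  <ume.ldap.access.authentication>simple</ume.ldap.access.authentication>
  <ume.ldap.access.base_path.user>OU=USERS,DC=a,DC=example,DC=test</ume.ldap.access.base_path.user>
  <ume.ldap.access.base_path.grup>OU=GROUPS,DC=a,DC=example,DC=test</ume.ldap.access.base_path.grup>
 </privateSection></dataSource>
 <dataSource id="LDAP_B" isReadonly="true" isPrimary="true"><privateSection>
  <ume.ldap.access.server_name>dc-b.example.test</ume.ldap.access.server_name>
  <ume.ldap.access.ssl>true</ume.ldap.access.ssl>
  <ume.ldap.access.authentication>simple</ume.ldap.access.authentication>
  <ume.ldap.access.base_path.user>OU=USERS,DC=b,DC=example,DC=test</ume.ldap.access.base_path.user>
  <ume.ldap.access.base_path.grup>OU=GROUPS,DC=a,DC=example,DC=test</ume.ldap.access.base_path.grup>
 </privateSection></dataSource>
</dataSources>"""

def settings(src):
    """Map 'ssl', 'base_path.user', ... to their values for one dataSource."""
    sec = src.find("privateSection")
    return {} if sec is None else {
        c.tag[len(PREFIX):]: (c.text or "").strip() for c in sec if c.tag.startswith(PREFIX)}

def domain_of(dn):
    """Return the DC components of a DN as a lower-case dotted name."""
    parts = [p.strip() for p in dn.split(",")]
    return ".".join(p[3:].lower() for p in parts if p.upper().startswith("DC="))

def audit(xml_text):
    """Return (data source id, finding) tuples for the LDAP data sources."""
    findings = []
    ldap = [(s.get("id"), settings(s)) for s in ET.fromstring(xml_text).iter("dataSource")]
    ldap = [(i, c) for i, c in ldap if "server_name" in c]
    if len(ldap) > MAX_DIRECTORY_SERVERS:
        findings.append(("*", "more than 5 directory servers configured"))
    for ds_id, cfg in ldap:
        if cfg.get("ssl", "").lower() != "true" and cfg.get("authentication", "").lower() == "simple":
            findings.append((ds_id, "simple bind without SSL: bind password sent in cleartext"))
        # Heuristic added here: compare the DC components of both base paths.
        if domain_of(cfg.get("base_path.user", "")) != domain_of(cfg.get("base_path.grup", "")):
            findings.append((ds_id, "user and group base paths are in different domains"))
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE))
```
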

Answers (1)

Former Member
0 Kudos

Sorry, I forgot to add the doc url that we used to configure UME:

http://help.sap.com/saphelp_nw04/helpdata/en/4e/4d0d40c04af72ee10000000a1550b0/frameset.htm