Former Member
Feb 01, 2006 at 03:54 PM

UME, Configuration of More Than One LDAP Data Source


Hi, we've configured the UME of our Portal Server to query two LDAPs; we have two separate domains with different users (dom1 and dom2).

The validation works well (both domains), but when we try to list users (for example, to assign permissions) the system can't find dom2 users, although dom1 works well.

We followed the attached link to configure the data source file, which I have attached too.

-


<dataSource id="CORP_LDAP_RM"

className="com.sap.security.core.persistence.datasource.imp.LDAPPersistence"

isReadonly="true"

isPrimary="true">

.....

<privateSection>

<ume.ldap.access.server_name>ssmadtcdrm02.la.gr.repsolypf.com</ume.ldap.access.server_name>

<ume.ldap.access.server_port>389</ume.ldap.access.server_port>

<ume.ldap.access.ssl>false</ume.ldap.access.ssl>

<ume.ldap.access.user>dl_repsol\USLDAPPDO</ume.ldap.access.user>

<ume.ldap.access.password>$ume.ldap.access.additional_password.2</ume.ldap.access.password>

<ume.ldap.access.base_path.user>OU=USUARIOS,DC=rm,DC=gr,DC=repsolypf,DC=com</ume.ldap.access.base_path.user>

<ume.ldap.access.base_path.grup>OU=GRUPOS,DC=rm,DC=gr,DC=repsolypf,DC=com</ume.ldap.access.base_path.grup>

<ume.ldap.access.server_type>MSADS</ume.ldap.access.server_type>

<ume.ldap.access.context_factory>com.sun.jndi.ldap.LdapCtxFactory</ume.ldap.access.context_factory>

<ume.ldap.access.authentication>simple</ume.ldap.access.authentication>

<ume.ldap.access.flat_group_hierachy>false</ume.ldap.access.flat_group_hierachy>

<ume.ldap.access.user_as_account>true</ume.ldap.access.user_as_account>

<ume.ldap.access.dynamic_groups>false</ume.ldap.access.dynamic_groups>

<ume.ldap.access.ssl_socket_factory>com.sap.security.core.server.https.SecureConnectionFactory</ume.ldap.access.ssl_socket_factory>

<ume.ldap.access.objectclass.user>User</ume.ldap.access.objectclass.user>

<ume.ldap.access.objectclass.uacc>User</ume.ldap.access.objectclass.uacc>

<ume.ldap.access.objectclass.grup>organizationalUnit</ume.ldap.access.objectclass.grup>

<ume.ldap.access.naming_attribute.user>cn</ume.ldap.access.naming_attribute.user>

<ume.ldap.access.auxiliary_naming_attribute.user>samaccountname</ume.ldap.access.auxiliary_naming_attribute.user>

<ume.ldap.access.naming_attribute.uacc>cn</ume.ldap.access.naming_attribute.uacc>

<ume.ldap.access.auxiliary_naming_attribute.uacc>samaccountname</ume.ldap.access.auxiliary_naming_attribute.uacc>

<ume.ldap.access.naming_attribute.grup>ou</ume.ldap.access.naming_attribute.grup>

....

</privateSection>

</dataSource>

<dataSource id="CORP_LDAP_LA"

className="com.sap.security.core.persistence.datasource.imp.LDAPPersistence"

isReadonly="true"

isPrimary="true">

....

<privateSection>

<ume.ldap.access.server_name>ssbuetydla02.la.gr.repsolypf.com</ume.ldap.access.server_name>

<ume.ldap.access.server_port>389</ume.ldap.access.server_port>

<ume.ldap.access.ssl>false</ume.ldap.access.ssl>

<ume.ldap.access.user>dl_ypf\USLDAPPDO</ume.ldap.access.user>

<ume.ldap.access.password>$ume.ldap.access.additional_password.1</ume.ldap.access.password>

<ume.ldap.access.base_path.user>OU=USUARIOS,DC=la,DC=gr,DC=repsolypf,DC=com</ume.ldap.access.base_path.user>

<ume.ldap.access.base_path.grup>OU=GRUPOS,DC=la,DC=gr,DC=repsolypf,DC=com</ume.ldap.access.base_path.grup>

<ume.ldap.access.server_type>MSADS</ume.ldap.access.server_type>

<ume.ldap.access.context_factory>com.sun.jndi.ldap.LdapCtxFactory</ume.ldap.access.context_factory>

<ume.ldap.access.authentication>simple</ume.ldap.access.authentication>

<ume.ldap.access.flat_group_hierachy>false</ume.ldap.access.flat_group_hierachy>

<ume.ldap.access.user_as_account>true</ume.ldap.access.user_as_account>

<ume.ldap.access.dynamic_groups>false</ume.ldap.access.dynamic_groups>

<ume.ldap.access.ssl_socket_factory>com.sap.security.core.server.https.SecureConnectionFactory</ume.ldap.access.ssl_socket_factory>

<ume.ldap.access.objectclass.user>User</ume.ldap.access.objectclass.user>

<ume.ldap.access.objectclass.uacc>User</ume.ldap.access.objectclass.uacc>

<ume.ldap.access.objectclass.grup>organizationalUnit</ume.ldap.access.objectclass.grup>

<ume.ldap.access.naming_attribute.user>cn</ume.ldap.access.naming_attribute.user>

<ume.ldap.access.auxiliary_naming_attribute.user>samaccountname</ume.ldap.access.auxiliary_naming_attribute.user>

<ume.ldap.access.naming_attribute.uacc>cn</ume.ldap.access.naming_attribute.uacc>

<ume.ldap.access.auxiliary_naming_attribute.uacc>samaccountname</ume.ldap.access.auxiliary_naming_attribute.uacc>

<ume.ldap.access.naming_attribute.grup>ou</ume.ldap.access.naming_attribute.grup>

....

</privateSection>

</dataSource>

</dataSources>

-


I was wondering if anybody could help us as soon as possible.

Thanks in advance!