on 02-01-2006 3:54 PM
Hi, we've configured the UME of our Portal Server to query two LDAPs; we have two separate domains with different users (dom1 and dom2).
The validation works well (both domains), but when we try to list users (for example to assign permissions) the system couldn't find dom2 users, but dom1 works well.
We followed the attached link to configure the data source file, which I attached too.
-
<dataSource id="CORP_LDAP_RM"
className="com.sap.security.core.persistence.datasource.imp.LDAPPersistence"
isReadonly="true"
isPrimary="true">
.....
<privateSection>
<ume.ldap.access.server_name>ssmadtcdrm02.la.gr.repsolypf.com</ume.ldap.access.server_name>
<ume.ldap.access.server_port>389</ume.ldap.access.server_port>
<ume.ldap.access.ssl>false</ume.ldap.access.ssl>
<ume.ldap.access.user>dl_repsol\USLDAPPDO</ume.ldap.access.user>
<ume.ldap.access.password>$ume.ldap.access.additional_password.2</ume.ldap.access.password>
<ume.ldap.access.base_path.user>OU=USUARIOS,DC=rm,DC=gr,DC=repsolypf,DC=com</ume.ldap.access.base_path.user>
<ume.ldap.access.base_path.grup>OU=GRUPOS,DC=rm,DC=gr,DC=repsolypf,DC=com</ume.ldap.access.base_path.grup>
<ume.ldap.access.server_type>MSADS</ume.ldap.access.server_type>
<ume.ldap.access.context_factory>com.sun.jndi.ldap.LdapCtxFactory</ume.ldap.access.context_factory>
<ume.ldap.access.authentication>simple</ume.ldap.access.authentication>
<ume.ldap.access.flat_group_hierachy>false</ume.ldap.access.flat_group_hierachy>
<ume.ldap.access.user_as_account>true</ume.ldap.access.user_as_account>
<ume.ldap.access.dynamic_groups>false</ume.ldap.access.dynamic_groups>
<ume.ldap.access.ssl_socket_factory>com.sap.security.core.server.https.SecureConnectionFactory</ume.ldap.access.ssl_socket_factory>
<ume.ldap.access.objectclass.user>User</ume.ldap.access.objectclass.user>
<ume.ldap.access.objectclass.uacc>User</ume.ldap.access.objectclass.uacc>
<ume.ldap.access.objectclass.grup>organizationalUnit</ume.ldap.access.objectclass.grup>
<ume.ldap.access.naming_attribute.user>cn</ume.ldap.access.naming_attribute.user>
<ume.ldap.access.auxiliary_naming_attribute.user>samaccountname</ume.ldap.access.auxiliary_naming_attribute.user>
<ume.ldap.access.naming_attribute.uacc>cn</ume.ldap.access.naming_attribute.uacc>
<ume.ldap.access.auxiliary_naming_attribute.uacc>samaccountname</ume.ldap.access.auxiliary_naming_attribute.uacc>
<ume.ldap.access.naming_attribute.grup>ou</ume.ldap.access.naming_attribute.grup>
....
</privateSection>
</dataSource>
<dataSource id="CORP_LDAP_LA"
className="com.sap.security.core.persistence.datasource.imp.LDAPPersistence"
isReadonly="true"
isPrimary="true">
....
<privateSection>
<ume.ldap.access.server_name>ssbuetydla02.la.gr.repsolypf.com</ume.ldap.access.server_name>
<ume.ldap.access.server_port>389</ume.ldap.access.server_port>
<ume.ldap.access.ssl>false</ume.ldap.access.ssl>
<ume.ldap.access.user>dl_ypf\USLDAPPDO</ume.ldap.access.user>
<ume.ldap.access.password>$ume.ldap.access.additional_password.1</ume.ldap.access.password>
<ume.ldap.access.base_path.user>OU=USUARIOS,DC=la,DC=gr,DC=repsolypf,DC=com</ume.ldap.access.base_path.user>
<ume.ldap.access.base_path.grup>OU=GRUPOS,DC=la,DC=gr,DC=repsolypf,DC=com</ume.ldap.access.base_path.grup>
<ume.ldap.access.server_type>MSADS</ume.ldap.access.server_type>
<ume.ldap.access.context_factory>com.sun.jndi.ldap.LdapCtxFactory</ume.ldap.access.context_factory>
<ume.ldap.access.authentication>simple</ume.ldap.access.authentication>
<ume.ldap.access.flat_group_hierachy>false</ume.ldap.access.flat_group_hierachy>
<ume.ldap.access.user_as_account>true</ume.ldap.access.user_as_account>
<ume.ldap.access.dynamic_groups>false</ume.ldap.access.dynamic_groups>
<ume.ldap.access.ssl_socket_factory>com.sap.security.core.server.https.SecureConnectionFactory</ume.ldap.access.ssl_socket_factory>
<ume.ldap.access.objectclass.user>User</ume.ldap.access.objectclass.user>
<ume.ldap.access.objectclass.uacc>User</ume.ldap.access.objectclass.uacc>
<ume.ldap.access.objectclass.grup>organizationalUnit</ume.ldap.access.objectclass.grup>
<ume.ldap.access.naming_attribute.user>cn</ume.ldap.access.naming_attribute.user>
<ume.ldap.access.auxiliary_naming_attribute.user>samaccountname</ume.ldap.access.auxiliary_naming_attribute.user>
<ume.ldap.access.naming_attribute.uacc>cn</ume.ldap.access.naming_attribute.uacc>
<ume.ldap.access.auxiliary_naming_attribute.uacc>samaccountname</ume.ldap.access.auxiliary_naming_attribute.uacc>
<ume.ldap.access.naming_attribute.grup>ou</ume.ldap.access.naming_attribute.grup>
....
</privateSection>
</dataSource>
</dataSources>
-
I was wondering if anybody could help us as soon as possible.
Thanks in advance!
Hi,
Please confirm whether you are fulfilling the following condition mentioned in SAP Note 673824.
Multiple directory servers
You can use in the UME up to 5 different directory servers in parallel. There is one limitation, users and groups belonging together have to be stored in the same directory server.
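A check of a data source file against the condition quoted in this reply, as an added example that is not part of the original thread and is not SAP code. The sample file is constructed with placeholder hosts, and the finding names are made up for illustration. The domain comparison is only a heuristic for "stored in the same directory server", and the bind check is an extra defender's check that the note does not mention.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the shape of the posted file; hosts and OUs are placeholders.
SAMPLE = """<dataSources>
<dataSource id="CORP_LDAP_A"><privateSection>
<ume.ldap.access.server_name>ldap-a.example.com</ume.ldap.access.server_name>
<ume.ldap.access.ssl>false</ume.ldap.access.ssl>
<ume.ldap.access.authentication>simple</ume.ldap.access.authentication>
<ume.ldap.access.base_path.user>OU=USERS,DC=a,DC=example,DC=com</ume.ldap.access.base_path.user>
<ume.ldap.access.base_path.grup>OU=GROUPS,DC=a,DC=example,DC=com</ume.ldap.access.base_path.grup>
</privateSection></dataSource>
<dataSource id="CORP_LDAP_B"><privateSection>
<ume.ldap.access.server_name>ldap-b.example.com</ume.ldap.access.server_name>
<ume.ldap.access.ssl>true</ume.ldap.access.ssl>
<ume.ldap.access.authentication>simple</ume.ldap.access.authentication>
<ume.ldap.access.base_path.user>OU=USERS,DC=b,DC=example,DC=com</ume.ldap.access.base_path.user>
<ume.ldap.access.base_path.grup>OU=GROUPS,DC=a,DC=example,DC=com</ume.ldap.access.base_path.grup>
</privateSection></dataSource>
</dataSources>"""

MAX_SERVERS = 5            # limit quoted above from SAP Note 673824
P = "ume.ldap.access."     # property prefix used in the posted file

def dc_suffix(dn):
    # Lowercased DC= components of a DN (naive comma split, enough for base paths).
    parts = [p.strip().lower() for p in dn.split(",")]
    return tuple(p for p in parts if p.startswith("dc="))

def lint(xml_text):
    findings, ldap = [], []
    for ds in ET.fromstring(xml_text).findall("dataSource"):
        section = ds.find("privateSection")
        props = {c.tag: (c.text or "").strip() for c in (section if section is not None else [])}
        if P + "server_name" in props:
            ldap.append((ds.get("id"), props))
    if len({p[P + "server_name"].lower() for _, p in ldap}) > MAX_SERVERS:
        findings.append(("*", "too-many-servers"))
    for ds_id, p in ldap:
        user, grup = p.get(P + "base_path.user", ""), p.get(P + "base_path.grup", "")
        if dc_suffix(user) != dc_suffix(grup):
            findings.append((ds_id, "user-group-domain-mismatch"))
        # Assumption: a missing ssl property is treated as false.
        if p.get(P + "authentication") == "simple" and p.get(P + "ssl", "false").lower() != "true":
            findings.append((ds_id, "cleartext-simple-bind"))
    return findings
```

A `cleartext-simple-bind` finding means the service account password is sent unencrypted on every bind to that server.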
Sorry, I forgot to add the doc url that we used to configure UME:
http://help.sap.com/saphelp_nw04/helpdata/en/4e/4d0d40c04af72ee10000000a1550b0/frameset.htm