Skip to Content
author's profile photo
Former Member

Cannot perform read operation on the LDAP System???

Dears,

I am facing above issue in GRC system while syncing user data from LDAP connector. LDAP configuration is completed and seems to be working fine because of below details:

  1. Users are fetched successfully from LDAP system while searching in LDAP Tcode
  2. Users are authenticated successfully while accessing End User Logon Page.

I have tried syncing using user id having SAP_ALL profile but still could not get the proper result.

Please advise.

Regards,

Faisal

Add comment
10|10000 characters needed characters exceeded

  • Follow
  • Get RSS Feed

2 Answers

  • Best Answer
    Posted on Apr 11, 2016 at 01:16 PM

    Hi Faisal,

    What exactly do you need to read? Do you use LDAP as a source for user searching?

    Please provide us with the details.

    I also have some opened issues with LDAP and we can help to each other.

    Regards,

    Artem

    Add comment
    10|10000 characters needed characters exceeded

    • Hi Faisal,

      It's a pleasure to see that something started to work. I will try to watch for your others threads because it's very interesting for me to know all possible issues with LDAP.

      Hope you'll get working functionality!

      Regards,

      Artem

  • Posted on Apr 12, 2016 at 04:07 PM

    Hello guys,

    I am also facing the same issue.

    when I perform URP sync, I ma getting the error--cannot perform read operation on the LDAP systems. Is the user in LDAP should require any permissions. I kept as my userid while defining the connections. and also I dnt maintained any BASE ENTRY.. Is it mandatory to have the base entry?

    Do the user maintained in LDAP should have SAP_ALL?

    please suggest.

    Regards,

    Ravi.

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member ravi kumar

      Ravi,

      Yes, all users have read access so no need to have any special permission.

      Secondly, I think you need to use "LDAP_END_USER_AUTH_SUFFIX" with value "@yourdomain" for LDAP connector, Connector Action#3 and 4 under..Maintain Mapping....->Assign Mapping Group Parameter.

      Hope this helps. Please share your feedback.

      Regards,