cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP ECC 6.0 and LDAP Authorization management

former_member608032
Explorer

on ‎03-27-2019 3:30 PM

0 Kudos

Hi Their,

I am trying to find out an information about SAP ECC 6.0 EHP7 and LDAP authorization management. So far I understand SAP-LDAP configuration allow central user administration and it will allow accessing the SAP systems but what is not clear to me is

1.Does User has to be created in SAP or only Windows user id (LDAP) user should be sufficient to access SAP

2.If user creation is not required, would it be possible to manage authorizations in LDAP level. I mean direct assignment LDAP group - SAP Role. In this way user can access SAP with his required authorisations

3.If second step is possible, would it be possible with PD Org method or direct role assignment.

It would really appreciate if anyone answer my questions. Thank you

Pavan

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (3)

Answers (3)

former_member608032
Explorer
‎04-01-2019 11:28 AM
0 Kudos

Any update from any one

Show replies
Show replies
former_member608032
Explorer
‎03-28-2019 11:48 AM
0 Kudos

Hi Colleen,

We are trying to automate the User id creation and role assignment using LDAP configuration. I mean if a new user created in AD level with groups ( example AD_SAP_READ only). Then an user has to be created automatically in SAP ECC system and assign equivalent roles accordingly to AD group in roles tab in SAP Screen.

However, I understand we have to perform a role - group mapping in SAP system with LDAPMAP.

My question is this setup is possible in SAP ECC 6.0 as I understand this is possible in SAP HANA

Show replies
Show replies
Allan1
Explorer
‎06-02-2021 6:06 PM
0 Kudos

Did you find a solution?

Regards

Colleen
Advisor
Advisor
‎03-27-2019 10:24 PM
0 Kudos

Hi Pavan

For question 1 - you must have a SAP SU01 account to access the ABAP stack and then have SAP security roles assigned that provide your authorisations

You can look at LDAP transactions to automate some account creation or updates.


What are you trying to design/achieve here?... might help to get some recommendations or guidance if possible.

Regards

Colleen

Show replies
Show replies
Ask a Question