Former Member

LDAP

Hi,

I want to configure LDAP with the portal server. Is there any documentation available which can explain the process step by step?

Regards

Hiren K.Chitalia


5 Answers

  • Former Member
    May 24, 2006 at 12:21 PM

    Hiren,

    Your question is broad, as there are many LDAPs and the portal can be configured with a single or multiple LDAP data stores.

    Are you going to use MS ADS/eDirectory? Which data store type are you wanting to deploy?

    http://help.sap.com/saphelp_nw2004s/helpdata/en/7e/a2d475e5384335a2b1b2d80e1a3a20/frameset.htm

    James

  • Former Member
    May 24, 2006 at 12:39 PM

    Hi Hiren,

    Many documents. Send me an email and I can send a few I have.

    Regards,

    Piyush

    ps: please mark for useful answers.

  • Former Member
    May 24, 2006 at 12:41 PM

    Hi Piyush,

    My Mail ID is hirenchitalia@gmail.com

    Regards

    Hiren K.Chitalia

  • Former Member
    Feb 21, 2007 at 02:48 PM

    Please send me ldap configuration documents to nancylam01@yahoo.com

  • Former Member
    Feb 22, 2007 at 05:16 AM

    Hi Hiren,

    Following is a step-by-step solution to configure an LDAP server for EP:

    1) Ensure that the UM Configuration is set to “Database Only” or that the current UM configuration creates new users in the database.

    a) Navigate to the UM Configuration UI (System Administration -> System Configuration -> UM Configuration) and select the “Data Sources” tab.

    b) Choose “Database Only” or any “… Read Only” dataSource.

    c) Save.

    d) Restart J2EE Engine.

    2) Create a new user ID in the portal and assign it to the Super Administration role. Log off and then log back on to the portal with this ID to ensure you can access the administrative function using the ID from the database. This ensures that you can log on and perform administration tasks even if the portal is unable to connect to an LDAP source.

    3) Establish the initial UM configuration.

    a) Navigate to the UM Configuration UI (System Administration -> System Configuration -> UM Configuration) and select the “Data Sources” tab.

    b) Choose the most appropriate DataSource configuration from the delivered list (e.g. iPlanet, Novell, MS ADS, etc.)

    c) Complete UM configuration for the first LDAP data source using the User Management Configuration Tool.

    d) Restart the J2EE Engine.

    e) Log on to the portal server with an LDAP user to test the connection. If there are problems, use the database user ID you created in step #2 to log on to the portal and resolve connectivity issues.

    4) Capture information required for creating a new UM Configuration for Multiple LDAP sources.

    a) Log back on to the portal using an administrator ID.

    b) Navigate back to the UM Configuration Tool and select the “Data Sources” tab.

    c) Click “Download” to download a copy of the appropriate XML file. Save this file to your local filesystem for editing.

    d) Navigate to “LDAP Server” tab and verify connection information to the LDAP server. Click “Test Connection” to ensure credentials are correct. Save the configuration before continuing to the next step.

    e) Navigate to “Direct Editing” tab.

    f) Scroll down to the LDAP Settings section and copy the contents to MS WordPad or other text editor (configuration document).

    5) Create a new UM configuration file for multiple LDAP data sources.

    a) Open the dataSourceConfiguration_multiLDAP_db.xml file (previously downloaded) using a text editor (other than Notepad) and locate the <dataSource.../> section for the “CORP_LDAP”. Copy the entire section from <dataSource…> to </dataSource> to the clipboard.

    b) For each additional LDAP server, paste the copy into the document after the original </dataSource…> ending tag for the CORP_LDAP source. Change the name of the data source for the pasted copy to “CORP_LDAP_X” or some other value. This value becomes a data source identifier for UME and prefixes the principal IDs.

    c) For each LDAP data source, locate the <privateSection…> within the <dataSource…> tag and enter the following lines if they are not present:

        <ume.ldap.access.server_name>SERVER_HOSTNAME</ume.ldap.access.server_name>
        <ume.ldap.access.server_port>SERVER_PORT</ume.ldap.access.server_port>
        <ume.ldap.access.user>DS_USER_NAME</ume.ldap.access.user>
        <ume.ldap.access.password>DS_PASSWORD</ume.ldap.access.password>
        <ume.ldap.access.base_path.user>USER_ROOT_IN_DS</ume.ldap.access.base_path.user>
        <ume.ldap.access.base_path.grup>GROUP_ROOT_IN_DS</ume.ldap.access.base_path.grup>

    d) Update the properties for each datasource with the correct values obtained from the “Direct Editing” tab (now stored in the configuration document). An example is shown below:

        <dataSource id="CORP_LDAP_2" className="com.sap.security.core.persistence.datasource.imp.LDAPPersistence" isReadonly="true" isPrimary="true">
        ...
        <privateSection>
        <ume.ldap.access.server_name>i802895a.phl.sap.corp</ume.ldap.access.server_name>
        <ume.ldap.access.server_port>389</ume.ldap.access.server_port>
        <ume.ldap.access.user>cn=Directory Manager</ume.ldap.access.user>
        <ume.ldap.access.password>ksdf8SDF#%</ume.ldap.access.password>
        <ume.ldap.access.base_path.user>ou=people,dc=phl,dc=sap,dc=corp</ume.ldap.access.base_path.user>
        <ume.ldap.access.base_path.grup>ou=groups,dc=phl,dc=sap,dc=corp</ume.ldap.access.base_path.grup>
        <ume.ldap.access.server_type>SUN</ume.ldap.access.server_type>
        [more stuff]
        </privateSection>

    6) Upload the new UM Configuration file.

    a) Navigate back to “Data Source” tab and choose “Other” for the data source.

    b) Click “Upload” and navigate to the new configuration file - dataSourceConfiguration_multiLDAP_db.xml. Upload this to the server.

    c) Click “Save” to save the new configuration.

    d) Navigate to the “Direct Editing” tab.

    e) Comment out all of the LDAP settings which begin with ume.ldap.access.* such as server name, passwords, etc. that are now manually configured in the XML file.

    f) Click “Save” to save the properties. (You may also wish to make a copy of the new settings and save them to a file for recovery purposes).

    g) Restart the J2EE engine.

    7) Test the configuration.

    PS: Please award points if you found the post useful 😊
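
An added example, not part of the original answer and not SAP tooling: a check to run on the edited dataSourceConfiguration_multiLDAP_db.xml before the upload in step 6. The `<dataSources>` root element and the host, DN and password values in the sample are assumptions constructed for the example; the property names, class name and template values are the ones shown in the answer.

```python
import xml.etree.ElementTree as ET
from collections import Counter

P = "ume.ldap.access."
# Step 5c properties mapped to the template value that must be replaced.
REQUIRED = {"server_name": "SERVER_HOSTNAME", "server_port": "SERVER_PORT",
            "user": "DS_USER_NAME", "password": "DS_PASSWORD",
            "base_path.user": "USER_ROOT_IN_DS", "base_path.grup": "GROUP_ROOT_IN_DS"}

def audit(xml_text):
    """Return sorted (data source id, finding) tuples for LDAP data sources."""
    ldap = [d for d in ET.fromstring(xml_text).iter("dataSource")
            if d.get("className", "").endswith("LDAPPersistence")]
    ids = Counter(d.get("id", "") for d in ldap)
    out = [(i, "duplicate data source id") for i, n in ids.items() if n > 1]
    for ds in ldap:
        i, priv = ds.get("id", ""), ds.find("privateSection")
        props = {c.tag: (c.text or "").strip()
                 for c in (priv if priv is not None else [])}
        for key, template in REQUIRED.items():
            value = props.get(P + key, "")
            if not value:
                out.append((i, f"missing {P}{key}"))
            elif value == template:
                out.append((i, f"placeholder left in {P}{key}"))
            elif key == "password":
                out.append((i, "bind password present in the file"))
        if props.get(P + "server_port") == "389":
            out.append((i, "port 389: confirm the connection is encrypted"))
        if props.get(P + "user", "").lower() == "cn=directory manager":
            out.append((i, "binds as the directory superuser"))
    return sorted(out)

def sample_source(ds_id, values):
    """Build one constructed <dataSource> in the layout the answer shows."""
    body = "".join(f"<{P}{k}>{v}</{P}{k}>" for k, v in values.items())
    return (f'<dataSource id="{ds_id}" className="com.sap.security.core.'
            f'persistence.datasource.imp.LDAPPersistence"><privateSection>{body}'
            "</privateSection></dataSource>")

# Constructed sample: the second source was pasted but never filled in.
FILLED = {"server_name": "ldap1.example.test", "server_port": "389",
          "user": "cn=Directory Manager", "password": "constructed-value",
          "base_path.user": "ou=people,dc=example,dc=test",
          "base_path.grup": "ou=groups,dc=example,dc=test"}
SAMPLE = ("<dataSources>" + sample_source("CORP_LDAP", FILLED)  # assumed root
          + sample_source("CORP_LDAP_2", REQUIRED) + "</dataSources>")

if __name__ == "__main__":
    for ds_id, finding in audit(SAMPLE):
        print(f"{ds_id}: {finding}")
```

The password finding is a reminder that the downloaded file and the text-editor copy from step 4f both hold the bind credentials, so those copies need the same handling as the credentials themselves.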
