Skip to Content
0

BO CMS is unbale to get User list from Window AD

Mar 22, 2017 at 12:13 PM

144

avatar image

We have SAP BO 4.1 SP 4 and facing an issue as User list is not getting updated with Window AD user list. The new user added in AD is not getting reflect in CMS user group.

I have check Authentication tab and tried removing the AD list and update. It get update with AD group get add in Group, But the user under the group don't get added.

Please help ASAP

10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

3 Answers

avatar image
Former Member Mar 22, 2017 at 04:36 PM
0

In CMC->Authentications-> Windows AD,

1. In Schedule User's AD Alias Updates

Schedule it recurring, for example, hourly.

2. In Alias Update Options

Check the "Create new aliases when the Alias Update occurs"

You can manually run On-Demand AD update with "Update AD Groups and Aliases now"

Regards,

Jin-Chong

Show 1 Share
10 |10000 characters needed characters left characters exceeded

It was working properly till Feb 17, but it stop suddenly. I have Kerberos Authentication and also validate the KRB file too.

I can see the User are present in AD group via Window, Also, if User is able to login into BO using WIN AD and access group which was added earlier before March-17 . But if user is add in other group that is not getting reflect.

I am able to add new group via Authentication, the group get added under User and Group list but the user is not getting added.

Is any how we can get log via CMS to analyse? I am able to connect SIA server using AD id and also AD group list is scan using Domain id. But user list is not getting added

0
Denis Konovalov
Mar 22, 2017 at 06:33 PM
0

Maybe that user is not a member of mapped AD groups ?

Show 2 Share
10 |10000 characters needed characters left characters exceeded

It was working properly till Feb 17, but it stop suddenly. I have Kerberos Authentication and also validate the KRB file too.

I can see the User are present in AD group via Window, Also, if User is able to login into BO using WIN AD and access group which was added earlier before March-17 . But if user is add in other group that is not getting reflect.

I am able to add new group via Authentication, the group get added under User and Group list but the user is not getting added.

Is any how we can get log via CMS to analyse? I am able to connect SIA server using AD id and also AD group list is scan using Domain id. But user list is not getting added

0

you can enable HIGH level trace for CMC and CMS in CMC or you can run End to end trace using KBA 1861180

and see what happens when that group is being mapped.

0
avatar image
Former Member Mar 23, 2017 at 10:18 AM
0

if you have named user licence then it will add ''N number of users as per licence.

check if you have this option selected in Authenticatin TAB:-

Create new aliases only when a user logs on

Share
10 |10000 characters needed characters left characters exceeded