Skip to Content

LDAP configuration to SAP GRC AC

Team,

Please refer to screenshotscapture1.jpgcapture2.jpg

Please help with attribute user path meaning and also the value provided.

What is OU,DC & DC. Why we have to provide these values?

Are these values same every where? Please help.

Best Regards

Vamsi

capture1.jpg (27.1 kB)
capture2.jpg (13.7 kB)
Add a comment
10|10000 characters needed characters exceeded

Related questions

1 Answer

  • Posted on Feb 14, 2018 at 09:38 AM

    Hi Vamsi

    The computer that you are using has to be on the desired domain.

    You can user the following CMD commands to get the LDAP Server details.

    Just update the domain name highlighted in red to the companies fully qualified domain name.

    In windows click on start run CMD.

    Then enter nslookup -type=all _ldap._tcp.dc._msdcs.domainname.net

    The result is a list of LDAP server.

    Understanding the Base Entry

    Base entry is a filter for your organization unit groups or OU Groups.

    In Active Directory OU groups are created to assign users to.

    Note that you’re a user’s OU group can be assigned to another OU group.

    Which will create a Parent / Child node relationship.

    The users OU Group will be the Child Node where the group it is assigned to will be the Parent Group.

    Note that this is important because righting the Base Entry you will require to know the OU path containing the Parent OU and its Child OU groups.

    Below is an example of a Base Entry value.

    Base entry value = OU=Users, OU=Support, OU=IT, DC=DOMAINNAME, DC=NET

    The first OU is the Object Type e.g. Users

    Base entry value =OU=Users, OU=Marketing, OU=Corporate, DC=DOMAINNAME, DC=NET

    The rest of the OU = Organization folder structure encapsulated folder first OU Node Marketing, second OU Node Corporate.

    Base entry value =OU=Users, OU=Marketing, OU=Corporate, DC=DOMAINNAME, DC=NET

    DC=DOMAINNAME, DC=NET FQDN (FQDN dots are separated by “, DC=” )

    Note that the Base entry works in reverse with the most nested Node which is the last child Node will be entered first, then in sequential order to the parent node then lastly the FQDN Node.

    Hope this helps.


    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.