on 06-13-2007 7:56 AM
Hi All
I have an LDAP connection to Active Directory and for some reason it keeps returning computer accounts? Is it possible to specify somewhere that it will only return users?
Thanks
for your help!
Phil
We had to add the following to the xml data source configuration file for UM to exclude systems;
<ume.ldap.access.ssl_socket_factory>com.sap.security.core.server.https.SecureConnectionFactory</ume.ldap.access.ssl_socket_factory>
<ume.ldap.negative_user_filter>useraccountcontrol=[514,509];objectclass=[computer]
</ume.ldap.negative_user_filter>
<ume.ldap.access.objectclass.user>User</ume.ldap.access.objectclass.user>
<ume.ldap.access.objectclass.uacc>User</ume.ldap.access.objectclass.uacc>
<ume.ldap.access.objectclass.grup>Group</ume.ldap.access.objectclass.grup>
<ume.ldap.access.naming_attribute.user>cn</ume.ldap.access.naming_attribute.user>
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Phil
Perhaps the documentation will help you further on this (even though it states the same as pointed out in the previous post): http://help.sap.com/saphelp_nw70/helpdata/en/9a/f43541b9cc4c0de10000000a1550b0/frameset.htm
Bear in mind that this filtering is performed each time the UME API is used, so the filter will be used whenever a user logs on to the portal (if you use integrated authentication), use the people picker to look up a person, etc. etc. And it will eat up some performance. If possible let the LDAP configuration in the portal point to the exact OU where the users reside. Often this is not possible though.
Kind regards,
Martin
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
84 | |
10 | |
10 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.