Skip to Content
avatar image
Former Member

LDAP/AD Single sign on setting and complete steps please

Hi Gurus,

Here I got requirement, from client as details given below to settup single sign with Active directory with following details. How to settup single sign on with the follwing detail. Want to know how the authentication works in EP from AD

strDN:"LDAP://dir.svc.sigpol.com/CN="& strUserName &",ou=People.dc,dc=svc,dc=sigpol,dc.com"

Set objNamespace = GetObject("LDAP:")

Set objUser=objNames.OpenDSObject(strDn, strUserName & "@sigpol.com",strPass, 0)

Would anybody explain me what is this and how it is going help me in setting Active Directry Single sign. So please with step by step explain me and provide step by step procedure

Thanks

Happy

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • Jul 12, 2007 at 10:07 PM

    Regarding your first question - "how the authentication works in EP from AD" :

    Normally when SAP customers want to use Active Directory authentication with EP, and implement Single SignOn at the same time, they use the fact that the user has already authenticated on the workstation when they logged onto the Windows domain. When the user logs onto the domain account at the workstation, Windows has cached Kerberos credentials for the user. You can use these cached credentials to authenticate the user to the SAP applications, such as EP via a browser. This is done using a Java login module installed on EP server(s). You can either use the SAP SPNEGO login module, or the CyberSafe TrustBroker Adapter product (see" target="_blank">http://www.cybersafe.com/links/adapter.htm">see this link) to do this. If you would like to understand the differences more, please let me know.

    For your second question - "explain me what is this and how it is going help me ..." :

    The info you have provided is not 100% clear to me, but it looks like some sort of LDAP configuration. The LDAP protocol is supported by Active Directory, and might be used to implement "common authentication" with EP, but it will not give you the same Single SignOn solution as mentioned above.

    If you can provide more details on what you are trying to achieve, and any questions you may have on the above I will be happy to help.

    Thanks,

    Tim

    Add comment
    10|10000 characters needed characters exceeded