Hi all,
I connected our ADS to UME. I have several subdomains in the ADS which are accessed via global catalog. To configure the ume for global catalog I changed the
j_user attribute from samaccountname to userprincipalname and the
uniquename attribute from samaccountname to userprincipalname
and I use the port 3268 for access the ads via global catalog. And I added the attribute domain_j_user="samaccountname" in the 'account' principal. It works fine.
But the problem is that I have some SAPTransaction iViews which access the underlying system with logontickets. So these iviews don't work anymore because the logonticket passes the "user@domain.com" and not the "user" without the added domain in the logonticket. Our sap System knows only "user" not "user@domain.com" so it doesn't accept access.
If I change the uniquename back to samaccountname it works again. But then the uniquename is not unique anymore because users in different subdomains can have the sam samaccountname. So users with the same logonname in other subdomains can access the iviews with the SAP user account which is not theirs but only the same logonname.
Does anybody know how to fix this issue?
Regards Manuel
Message was edited by:
Manuel Horn