Folks,
We are trying to integrate two LDAP directories: 1) Microsoft ADS LDAP and 2) Microsoft ADAM.
The problem is that I am not getting the loginid info in Identity Management for the ADAM LDAP. I am able to create the users, but I am not able to log in to the portal using the created users. Whenever I access the info for the created users, I get a data inconsistency error in Identity Management and the login ID field is empty. I am attaching the XML.
<?xml version="1.0" encoding="UTF-8"?>

<!-- $Id:
//shared_tc/com.sapall.security/630_SP_COR/src/_deploy/dist/configuration/shared/dataSourceConfiguration_ads_writeable_db.xml
#6 $ from $DateTime: 2004/08/20 09:55:24 $ ($Change: 17140 $) -->
<dataSources>
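<!-- PRIVATE_DATASOURCE: database-backed, writable data source (DataBasePersistence).
     The stray "*" emphasis markers from the forum rendering are removed here; one of
     them sat inside the start tag and made the listing not well-formed. -->
<dataSource id="PRIVATE_DATASOURCE"
            className="com.sap.security.core.persistence.datasource.imp.DataBasePersistence"
            isReadonly="false"
            isPrimary="true">
    <!-- homeFor: principal types that are created in this data source.
         Accounts and users are listed only for service users, i.e. principals
         carrying SERVICEUSER_ATTRIBUTE = IS_SERVICEUSER in the $serviceUser$
         namespace; team, ROOT and OOOO are listed without restriction. -->
    <homeFor>
        <principal type="account">
            <nameSpace name="$serviceUser$">
                <attribute name="SERVICEUSER_ATTRIBUTE">
                    <values>
                        <value>IS_SERVICEUSER</value>
                    </values>
                </attribute>
            </nameSpace>
        </principal>
        <principal type="user">
            <nameSpace name="$serviceUser$">
                <attribute name="SERVICEUSER_ATTRIBUTE">
                    <values>
                        <value>IS_SERVICEUSER</value>
                    </values>
                </attribute>
            </nameSpace>
        </principal>
        <principal type="team"/>
        <principal type="ROOT"/>
        <principal type="OOOO"/>
    </homeFor>
    <notHomeFor/>
    <!-- responsibleFor: every principal type is listed without a nameSpace or
         attribute restriction. -->
    <responsibleFor>
        <principal type="group"/>
        <principal type="user"/>
        <principal type="account"/>
        <principal type="team"/>
        <principal type="ROOT"/>
        <principal type="OOOO"/>
    </responsibleFor>
    <notResponsibleFor/>
    <!-- No logical-to-physical attribute mapping and no connection settings are
         declared for the database store. -->
    <attributeMapping/>
    <privateSection/>
</dataSource>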
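<!-- ADAM_LDAP: writable LDAP data source (LDAPPersistence, isReadonly="false").
     The stray "*" emphasis markers from the forum rendering are removed and the
     line-wrapped ssl_socket_factory end tag is rejoined; both made the listing not
     well-formed. Configuration values are left exactly as posted. -->
<dataSource id="ADAM_LDAP"
            className="com.sap.security.core.persistence.datasource.imp.LDAPPersistence"
            isReadonly="false"
            isPrimary="true">
    <!-- homeFor: accounts, users and groups are created in this directory. -->
    <homeFor>
        <principal type="account"/>
        <principal type="user"/>
        <principal type="group"/>
    </homeFor>
    <!-- notHomeFor: service users and their accounts (SERVICEUSER_ATTRIBUTE =
         IS_SERVICEUSER) are excluded from creation in this directory. -->
    <notHomeFor>
        <principal type="user">
            <nameSpace name="$serviceUser$">
                <attribute name="SERVICEUSER_ATTRIBUTE">
                    <values>
                        <value>IS_SERVICEUSER</value>
                    </values>
                </attribute>
            </nameSpace>
        </principal>
        <principal type="account">
            <nameSpace name="$serviceUser$">
                <attribute name="SERVICEUSER_ATTRIBUTE">
                    <values>
                        <value>IS_SERVICEUSER</value>
                    </values>
                </attribute>
            </nameSpace>
        </principal>
    </notHomeFor>
    <!-- responsibleFor: logical attributes this data source answers for, per
         principal type. NOTE(review): loginid and pobox are mapped for users in
         attributeMapping below but are not listed here; confirm that is intended. -->
    <responsibleFor>
        <principal type="account">
            <nameSpace name="com.sap.security.core.usermanagement">
                <attribute name="j_user"/>
                <attribute name="logonalias"/>
                <attribute name="j_password"/>
                <attribute name="userid"/>
            </nameSpace>
        </principal>
        <principal type="user">
            <nameSpace name="com.sap.security.core.usermanagement">
                <attribute name="firstname" populateInitially="true"/>
                <attribute name="displayname" populateInitially="true"/>
                <attribute name="lastname" populateInitially="true"/>
                <attribute name="fax"/>
                <attribute name="email"/>
                <attribute name="title"/>
                <attribute name="department"/>
                <attribute name="description"/>
                <attribute name="mobile"/>
                <attribute name="telephone"/>
                <attribute name="streetaddress"/>
                <attribute name="uniquename" populateInitially="true"/>
            </nameSpace>
            <nameSpace name="com.sap.security.core.usermanagement.relation">
                <attribute name="PRINCIPAL_RELATION_PARENT_ATTRIBUTE"/>
            </nameSpace>
            <nameSpace name="$usermapping$">
                <attribute name="REFERENCE_SYSTEM_USER"/>
            </nameSpace>
        </principal>
        <principal type="group">
            <nameSpace name="com.sap.security.core.usermanagement">
                <attribute name="displayname" populateInitially="true"/>
                <attribute name="description" populateInitially="true"/>
                <attribute name="uniquename"/>
            </nameSpace>
            <nameSpace name="com.sap.security.core.usermanagement.relation">
                <attribute name="PRINCIPAL_RELATION_MEMBER_ATTRIBUTE"/>
                <attribute name="PRINCIPAL_RELATION_PARENT_ATTRIBUTE"/>
            </nameSpace>
            <nameSpace name="com.sap.security.core.bridge">
                <attribute name="dn"/>
            </nameSpace>
        </principal>
    </responsibleFor>
    <!-- attributeMapping: logical attribute to directory (physical) attribute. -->
    <attributeMapping>
        <principal type="account">
            <nameSpace name="com.sap.security.core.usermanagement">
                <!-- The logon ID (j_user, logonalias) is read from the directory
                     attribute uid. NOTE(review): the post reports an empty logon ID
                     for users created in this directory; confirm that the created
                     entries actually carry a populated uid value. -->
                <attribute name="j_user">
                    <physicalAttribute name="uid"/>
                </attribute>
                <attribute name="logonalias">
                    <physicalAttribute name="uid"/>
                </attribute>
                <!-- NOTE(review): Active Directory and ADAM by default accept writes
                     to unicodePwd only over an encrypted connection. This section
                     connects with ume.ldap.access.ssl=false on port 389, so verify
                     that a password is really set when a user is created. -->
                <attribute name="j_password">
                    <physicalAttribute name="unicodepwd"/>
                </attribute>
                <!-- physicalAttribute "null": no directory attribute is named for
                     this logical attribute (presumably derived by UME; confirm). -->
                <attribute name="userid">
                    <physicalAttribute name="null"/>
                </attribute>
            </nameSpace>
        </principal>
        <principal type="user">
            <nameSpace name="com.sap.security.core.usermanagement">
                <attribute name="firstname">
                    <physicalAttribute name="givenname"/>
                </attribute>
                <attribute name="displayname">
                    <physicalAttribute name="displayname"/>
                </attribute>
                <attribute name="lastname">
                    <physicalAttribute name="sn"/>
                </attribute>
                <attribute name="fax">
                    <physicalAttribute name="facsimiletelephonenumber"/>
                </attribute>
                <!-- The user's unique name is read from uid, the same attribute
                     the account mapping uses for the logon ID. -->
                <attribute name="uniquename">
                    <physicalAttribute name="uid"/>
                </attribute>
                <attribute name="loginid">
                    <physicalAttribute name="null"/>
                </attribute>
                <attribute name="email">
                    <physicalAttribute name="mail"/>
                </attribute>
                <attribute name="mobile">
                    <physicalAttribute name="mobile"/>
                </attribute>
                <attribute name="telephone">
                    <physicalAttribute name="telephonenumber"/>
                </attribute>
                <attribute name="department">
                    <physicalAttribute name="ou"/>
                </attribute>
                <attribute name="description">
                    <physicalAttribute name="description"/>
                </attribute>
                <attribute name="streetaddress">
                    <physicalAttribute name="postaladdress"/>
                </attribute>
                <attribute name="pobox">
                    <physicalAttribute name="postofficebox"/>
                </attribute>
            </nameSpace>
            <nameSpace name="com.sap.security.core.usermanagement.relation">
                <attribute name="PRINCIPAL_RELATION_PARENT_ATTRIBUTE">
                    <physicalAttribute name="memberof"/>
                </attribute>
            </nameSpace>
            <nameSpace name="$usermapping$">
                <attribute name="REFERENCE_SYSTEM_USER">
                    <physicalAttribute name="sapusername"/>
                </attribute>
            </nameSpace>
        </principal>
        <principal type="group">
            <nameSpace name="com.sap.security.core.usermanagement">
                <attribute name="displayname">
                    <physicalAttribute name="displayname"/>
                </attribute>
                <attribute name="description">
                    <physicalAttribute name="description"/>
                </attribute>
                <attribute name="uniquename" populateInitially="true">
                    <physicalAttribute name="cn"/>
                </attribute>
            </nameSpace>
            <nameSpace name="com.sap.security.core.usermanagement.relation">
                <attribute name="PRINCIPAL_RELATION_MEMBER_ATTRIBUTE">
                    <physicalAttribute name="member"/>
                </attribute>
                <attribute name="PRINCIPAL_RELATION_PARENT_ATTRIBUTE">
                    <physicalAttribute name="memberof"/>
                </attribute>
            </nameSpace>
            <nameSpace name="com.sap.security.core.bridge">
                <attribute name="dn">
                    <physicalAttribute name="null"/>
                </attribute>
            </nameSpace>
        </principal>
    </attributeMapping>
    <!-- privateSection: connection and directory-layout settings. -->
    <privateSection>
        <!-- NOTE(review): the server type is declared as MSADS although the post
             describes this directory as ADAM; confirm that is intended. -->
        <ume.ldap.access.server_type>MSADS</ume.ldap.access.server_type>
        <ume.ldap.access.context_factory>com.sun.jndi.ldap.LdapCtxFactory</ume.ldap.access.context_factory>
        <!-- SECURITY: simple bind together with ume.ldap.access.ssl=false on port
             389 (both set below) sends the bind account's credentials, and
             presumably any user password verified against the directory, over the
             network unencrypted. Prefer an SSL/TLS-protected connection, with the
             directory's certificate trusted by the server, before production use. -->
        <ume.ldap.access.authentication>simple</ume.ldap.access.authentication>
        <ume.ldap.access.flat_group_hierachy>true</ume.ldap.access.flat_group_hierachy>
        <ume.ldap.access.user_as_account>true</ume.ldap.access.user_as_account>
        <ume.ldap.access.dynamic_groups>false</ume.ldap.access.dynamic_groups>
        <!-- Presumably unused while ume.ldap.access.ssl is false. -->
        <ume.ldap.access.ssl_socket_factory>com.sap.security.core.server.https.SecureConnectionFactory</ume.ldap.access.ssl_socket_factory>
        <ume.ldap.access.objectclass.user>User</ume.ldap.access.objectclass.user>
        <ume.ldap.access.objectclass.uacc>User</ume.ldap.access.objectclass.uacc>
        <ume.ldap.access.objectclass.grup>Group</ume.ldap.access.objectclass.grup>
        <!-- NOTE(review): the naming attribute is cn while the logon attributes
             above map to uid, and no ume.ldap.access.auxiliary_naming_attribute.user
             or .uacc entry is set in this section. The CORP_LDAP section of this
             file sets both (to samaccountname); check whether this data source
             needs the equivalent entries for uid. -->
        <ume.ldap.access.naming_attribute.user>cn</ume.ldap.access.naming_attribute.user>
        <ume.ldap.access.naming_attribute.uacc>cn</ume.ldap.access.naming_attribute.uacc>
        <ume.ldap.access.naming_attribute.grup>cn</ume.ldap.access.naming_attribute.grup>
        <!-- Host, bind user and base paths were redacted by the poster. -->
        <ume.ldap.access.server_name>XXXXXXX</ume.ldap.access.server_name>
        <ume.ldap.access.server_port>389</ume.ldap.access.server_port>
        <ume.ldap.access.ssl>false</ume.ldap.access.ssl>
        <!-- This data source is writable, so the bind account needs create and
             modify rights; scope those rights to the two base paths below rather
             than granting directory-wide administration. -->
        <ume.ldap.access.user>XXXXX</ume.ldap.access.user>
        <!-- The value looks like a reference to a UME property rather than an
             inline secret; keep it that way when sharing or versioning this file. -->
        <ume.ldap.access.password>$ume.ldap.access.additional_password.2</ume.ldap.access.password>
        <ume.ldap.access.base_path.user>XXXXXXX</ume.ldap.access.base_path.user>
        <ume.ldap.access.base_path.grup>XXXXXXX</ume.ldap.access.base_path.grup>
    </privateSection>
</dataSource>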
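<!-- CORP_LDAP: read-only LDAP data source (LDAPPersistence, isReadonly="true").
     The stray "*" emphasis markers from the forum rendering are removed and the
     line-wrapped ssl_socket_factory end tag is rejoined; both made the listing not
     well-formed. Configuration values are left exactly as posted. -->
<dataSource id="CORP_LDAP"
            className="com.sap.security.core.persistence.datasource.imp.LDAPPersistence"
            isReadonly="true"
            isPrimary="true">
    <!-- homeFor is empty: no principal type is created in this directory. -->
    <homeFor/>
    <!-- responsibleFor: logical attributes this data source answers for, per
         principal type. NOTE(review): loginid and pobox are mapped for users in
         attributeMapping below but are not listed here; confirm that is intended. -->
    <responsibleFor>
        <principal type="account">
            <nameSpace name="com.sap.security.core.usermanagement">
                <attribute name="j_user"/>
                <attribute name="logonalias"/>
                <attribute name="j_password"/>
                <attribute name="userid"/>
            </nameSpace>
            <nameSpace name="com.sap.security.core.authentication">
                <attribute name="principal"/>
                <attribute name="realm"/>
                <attribute name="domain"/>
            </nameSpace>
        </principal>
        <principal type="user">
            <nameSpace name="com.sap.security.core.usermanagement">
                <attribute name="firstname" populateInitially="true"/>
                <attribute name="displayname" populateInitially="true"/>
                <attribute name="lastname" populateInitially="true"/>
                <attribute name="fax"/>
                <attribute name="email"/>
                <attribute name="title"/>
                <attribute name="department"/>
                <attribute name="description"/>
                <attribute name="mobile"/>
                <attribute name="telephone"/>
                <attribute name="streetaddress"/>
                <attribute name="uniquename" populateInitially="true"/>
            </nameSpace>
            <nameSpace name="com.sap.security.core.usermanagement.relation">
                <attribute name="PRINCIPAL_RELATION_PARENT_ATTRIBUTE"/>
            </nameSpace>
            <nameSpace name="$usermapping$">
                <attribute name="REFERENCE_SYSTEM_USER"/>
            </nameSpace>
        </principal>
        <principal type="group">
            <nameSpace name="com.sap.security.core.usermanagement">
                <attribute name="displayname" populateInitially="true"/>
                <attribute name="description" populateInitially="true"/>
                <attribute name="uniquename"/>
            </nameSpace>
            <nameSpace name="com.sap.security.core.usermanagement.relation">
                <attribute name="PRINCIPAL_RELATION_MEMBER_ATTRIBUTE"/>
                <attribute name="PRINCIPAL_RELATION_PARENT_ATTRIBUTE"/>
            </nameSpace>
            <nameSpace name="com.sap.security.core.bridge">
                <attribute name="dn"/>
            </nameSpace>
        </principal>
    </responsibleFor>
    <!-- attributeMapping: logical attribute to directory (physical) attribute. -->
    <attributeMapping>
        <principal type="account">
            <nameSpace name="com.sap.security.core.usermanagement">
                <!-- The logon ID (j_user, logonalias) is read from samaccountname. -->
                <attribute name="j_user">
                    <physicalAttribute name="samaccountname"/>
                </attribute>
                <attribute name="logonalias">
                    <physicalAttribute name="samaccountname"/>
                </attribute>
                <attribute name="j_password">
                    <physicalAttribute name="unicodepwd"/>
                </attribute>
                <!-- physicalAttribute "null": no directory attribute is named for
                     this logical attribute (presumably derived by UME; confirm). -->
                <attribute name="userid">
                    <physicalAttribute name="null"/>
                </attribute>
            </nameSpace>
            <nameSpace name="com.sap.security.core.authentication">
                <attribute name="principal">
                    <physicalAttribute name="samaccountname"/>
                </attribute>
                <attribute name="realm">
                    <physicalAttribute name="null"/>
                </attribute>
                <attribute name="domain">
                    <physicalAttribute name="null"/>
                </attribute>
            </nameSpace>
        </principal>
        <principal type="user">
            <nameSpace name="com.sap.security.core.usermanagement">
                <attribute name="firstname">
                    <physicalAttribute name="givenname"/>
                </attribute>
                <attribute name="displayname">
                    <physicalAttribute name="displayname"/>
                </attribute>
                <attribute name="lastname">
                    <physicalAttribute name="sn"/>
                </attribute>
                <attribute name="fax">
                    <physicalAttribute name="facsimiletelephonenumber"/>
                </attribute>
                <attribute name="uniquename">
                    <physicalAttribute name="samaccountname"/>
                </attribute>
                <attribute name="loginid">
                    <physicalAttribute name="null"/>
                </attribute>
                <attribute name="email">
                    <physicalAttribute name="mail"/>
                </attribute>
                <attribute name="mobile">
                    <physicalAttribute name="mobile"/>
                </attribute>
                <attribute name="telephone">
                    <physicalAttribute name="telephonenumber"/>
                </attribute>
                <attribute name="department">
                    <physicalAttribute name="ou"/>
                </attribute>
                <attribute name="description">
                    <physicalAttribute name="description"/>
                </attribute>
                <attribute name="streetaddress">
                    <physicalAttribute name="postaladdress"/>
                </attribute>
                <attribute name="pobox">
                    <physicalAttribute name="postofficebox"/>
                </attribute>
            </nameSpace>
            <nameSpace name="com.sap.security.core.usermanagement.relation">
                <attribute name="PRINCIPAL_RELATION_PARENT_ATTRIBUTE">
                    <physicalAttribute name="memberof"/>
                </attribute>
            </nameSpace>
            <nameSpace name="$usermapping$">
                <attribute name="REFERENCE_SYSTEM_USER">
                    <physicalAttribute name="sapusername"/>
                </attribute>
            </nameSpace>
        </principal>
        <principal type="group">
            <nameSpace name="com.sap.security.core.usermanagement">
                <attribute name="displayname">
                    <physicalAttribute name="displayname"/>
                </attribute>
                <attribute name="description">
                    <physicalAttribute name="description"/>
                </attribute>
                <attribute name="uniquename" populateInitially="true">
                    <physicalAttribute name="cn"/>
                </attribute>
            </nameSpace>
            <nameSpace name="com.sap.security.core.usermanagement.relation">
                <attribute name="PRINCIPAL_RELATION_MEMBER_ATTRIBUTE">
                    <physicalAttribute name="member"/>
                </attribute>
                <attribute name="PRINCIPAL_RELATION_PARENT_ATTRIBUTE">
                    <physicalAttribute name="memberof"/>
                </attribute>
            </nameSpace>
            <nameSpace name="com.sap.security.core.bridge">
                <attribute name="dn">
                    <physicalAttribute name="null"/>
                </attribute>
            </nameSpace>
        </principal>
    </attributeMapping>
    <!-- privateSection: connection and directory-layout settings. -->
    <privateSection>
        <ume.ldap.access.server_type>MSADS</ume.ldap.access.server_type>
        <ume.ldap.access.context_factory>com.sun.jndi.ldap.LdapCtxFactory</ume.ldap.access.context_factory>
        <!-- SECURITY: simple bind together with ume.ldap.access.ssl=false on port
             389 (both set below) sends the bind account's credentials, and
             presumably any user password verified against the directory, over the
             network unencrypted. Prefer an SSL/TLS-protected connection, with the
             directory's certificate trusted by the server, before production use. -->
        <ume.ldap.access.authentication>simple</ume.ldap.access.authentication>
        <ume.ldap.access.flat_group_hierachy>true</ume.ldap.access.flat_group_hierachy>
        <ume.ldap.access.user_as_account>true</ume.ldap.access.user_as_account>
        <ume.ldap.access.dynamic_groups>false</ume.ldap.access.dynamic_groups>
        <!-- Presumably unused while ume.ldap.access.ssl is false. -->
        <ume.ldap.access.ssl_socket_factory>com.sap.security.core.server.https.SecureConnectionFactory</ume.ldap.access.ssl_socket_factory>
        <ume.ldap.access.objectclass.user>User</ume.ldap.access.objectclass.user>
        <ume.ldap.access.objectclass.uacc>User</ume.ldap.access.objectclass.uacc>
        <ume.ldap.access.objectclass.grup>Group</ume.ldap.access.objectclass.grup>
        <!-- Entries are named by cn; samaccountname, the attribute the logon ID is
             mapped to above, is declared as the auxiliary naming attribute for
             users and accounts. -->
        <ume.ldap.access.naming_attribute.user>cn</ume.ldap.access.naming_attribute.user>
        <ume.ldap.access.auxiliary_naming_attribute.user>samaccountname</ume.ldap.access.auxiliary_naming_attribute.user>
        <ume.ldap.access.naming_attribute.uacc>cn</ume.ldap.access.naming_attribute.uacc>
        <ume.ldap.access.auxiliary_naming_attribute.uacc>samaccountname</ume.ldap.access.auxiliary_naming_attribute.uacc>
        <ume.ldap.access.naming_attribute.grup>cn</ume.ldap.access.naming_attribute.grup>
        <!-- Host, bind user and base paths were redacted by the poster. -->
        <ume.ldap.access.server_name>XXXXX</ume.ldap.access.server_name>
        <ume.ldap.access.server_port>389</ume.ldap.access.server_port>
        <ume.ldap.access.ssl>false</ume.ldap.access.ssl>
        <!-- This data source is declared read-only, so the bind account needs no
             more than read access to the two base paths below. -->
        <ume.ldap.access.user>XXX</ume.ldap.access.user>
        <!-- The value looks like a reference to a UME property rather than an
             inline secret; keep it that way when sharing or versioning this file. -->
        <ume.ldap.access.password>$ume.ldap.access.additional_password.1</ume.ldap.access.password>
        <ume.ldap.access.base_path.user>XXXXXXX</ume.ldap.access.base_path.user>
        <ume.ldap.access.base_path.grup>XXXXXXXX</ume.ldap.access.base_path.grup>
    </privateSection>
</dataSource>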
</dataSources>