on 01-29-2018 10:57 PM
Hi,
In this moment, IDM work fine on "Self-Service Password Reset" and "Logon Help" environment, but i need introduce a change. The LogonUID from my SAP ERP is diferente to the CN attributes en my LDAP (Active Directory). With this landscape, the password change flow not work because the users are diferents on both sources (ERP and LDAP). I can´t rename objects on any source, but i thing that i can use attribute %UserAlias% from my ERP on my IDM Deployment, but i dont know how to do it.
Please help me.
Thanks,
Paul Pedroza
Dear C Kumar,
Thanks a lot for your suggest. The users on Active Directory can´t be modified because they are read from another integrated applications with LDAP.
The other way that i thing can use, is set the UserAlias field from my ERP with the same value that i have on "SamAccountName" or "Common Name" from Active Directory and after, sync it this, but i dont know how map the field UserAlias to the Active Directory over CN or SAN, like in the follow image:
Which values i do modified on the ABAP or AD connector on IDM?
Thanks,
Paul Pedroza
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Edison,
SAP field useralias stores the alias name of the user and it is already mapped in the CreateABAPUser and UpdateABAPUser pass. The default mapping is useralias to MX_LOGONALIAS however as per your requirement you can change it to MSKEYVALUE or ACCOUNT<AD_REP_NAME>.
Regards,
C Kumar
Hello Edison,
In such case, you need to find a common identifier to map the user to all the system correctly. An alias can be used however another better way is to use Active Directory field samAccountname as MSKEYVALUE in IDM, if its store the user id in AD.
Regards,
C Kumar
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
88 | |
10 | |
10 | |
9 | |
6 | |
6 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.