Skip to Content
0

Ignoring disabled user in LDAP with Portal 7.5

Mar 21 at 02:28 PM

72

avatar image
Former Member

Hi

We need our SAP Portal UME, that is connected to the LDAP, to ignore users that are disabled on our LDAP system.

Is there a parameter i can set to make the UME ignore all the disabled users?

Thanks!

Yoav

10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

4 Answers

Best Answer
avatar image
Former Member Apr 09 at 12:58 PM
0

Hi.

We solved the issue by editing the dataSourceConfiguration_ads_readonly_db_with_krb5......xml and adding at the end of it, under <privateSection>, the following line which filters the disabled users:

<privateSection>

<ume.ldap.negative_user_filter>useraccountcontrol=[514,546,66050,66082,262658,262690,328194,328226];objectclass=[computer]</ume.ldap.negative_user_filter>

The numbers are LDAP codes that by adding them you filter out the disabled users.

Thanks!

Yoav

Share
10 |10000 characters needed characters left characters exceeded
Fabio Sarmento
Mar 26 at 08:52 PM
1

I could not find such flag. Deleting the users would not be an option for you?

Share
10 |10000 characters needed characters left characters exceeded
Herman Lin
Mar 27 at 07:36 AM
1

Hi Yoav,

Yep, there is no option to filter out those undesired users from LDAP server. You might need to remove those user directly from LDAP.

You could refer to below help url for more information: https://help.sap.com/saphelp_nw70ehp1/helpdata/en/48/d1d13f7fb44c21e10000000a1550b0/frameset.htm

Regards,
Herman

Share
10 |10000 characters needed characters left characters exceeded
Hemanth Kumar
Jun 18 at 06:59 PM
0

Dear Yoav,

Hope you are doing good.

This information is also documented in SAP NOTE ##2150353 - AS Java User Management Engine LDAP Negative and Positive User Filter.

Kind Regards, Hemanth Kumar |
SAP Product Support
*****************************************************************************

Share
10 |10000 characters needed characters left characters exceeded