Skip to Content
0
Former Member
Jan 29, 2009 at 10:55 AM

CUA Usersynch-Problem - Microsoft AD Extension necessary?

78 Views

Hi Experts,

Situation

We want our CUA to be synchronized with the Microsoft Active Directory.

Used Software:

Microsoft Server 2003 - 32-bit

Active Directory - Domain Mode

CUA - NW 7.0 System (SAP Solution Manager)

Done

LDAP Connection is established

(Server, Connector, Systemuser etc. arer configured and working)

Mapping/Synchronize

- Initial

-- Import Propsal

-- SA38 - RSLDAPSYNC_USER

-- No objects found in DB or in directory

-- no errors

- TRIAL2 - replaced SAPUsername with samaccountname

-- SA38 - RSLDAPSYNC_USER

-- found the objects in directory but NONE in the DB

-- no errors

Conclusion:

This seems to be a filtering problem. (SAPUsername == samaccountname)

As shown in SAP Help, I run the report RSLDAPSCHEMAEXT for the MS AD 2003 (Domain Mode)

to extend the AD scheme. But the file contains a lot of extensions to the scheme, but only the extension of the "SAPusername" seems to be necessary? I am afraid of damaging our Active Directory.

Questions:

Is there a possibility to define samaccountname as the value of SAPUsername?

Or could there be other reasons instead of filtering problems?

If nothing else is possible, is the extension of the AD scheme completely necessary or is there a possibility to extend the AD scheme only for the attribute SAPUsername?

kind regards

Tom