Skip to Content
0
Former Member
Apr 19, 2010 at 06:11 PM

LDAP CUA problem -- Could not logon to directory

648 Views

Hi Experts,

I'm facing difficulties in accessing Active directory from SAP.

The LDAP Connectors were setup correctly (status with Green light).

The System User were also setup as: UserID :DirectoryUser; Distinguished Name:"cn=DirectoryManager" (DirectoryManager is a username in my Active Directory)

The LDAP Servers were also setup as: Hostname="sapserver001.abc.com", port number="389", Product name="MS03 Microsoft Windows 2003 Active Directory (Domain Mode)", Protocol Version="LDAP Version 3", LDAP Application="User", Base entry ="ou=Company00", System Logon="DirectoryUser"

But when I tried to logon the directory, system returns message:"Could not logon to directory"

Could not logon to directory
Message no. LDAPRC049

Diagnosis
The combination of user name (DN) and password transferred to the directory was not accepted by the directory.


Procedure
Check the set or entered data for the user and password for the directory.

If you are using an application with which you do not need to enter this data directly, you can find the data as configuration setting in the LDAP server used ("System User" field).

Procedure for System Administration
Check whether you can log on to the directory with the entered data using the LDAP protocol.

Note: A frequent error when using the Microsoft Active Directory is that the user enters their Microsoft Windows user name instead of the full Distinguished Name, since it is also possible to log on to the directory using this Microsoft Windows logon with Microsoft tools (such as ldp.exe). However, these tools do not use the user/password logon used by the SAP system.

Could anyone help me find the solution?

For more information, I'm using Windows server 2003 as my AD server.

Ad server: sapserver001.abc.com

sap server:sapserver002.abc.com

In the control panel of sapserver001.abc.com., I open "Active Directory users and computers", within abc.com, I created an OU as "Company00", and under that OU, I created the InetOrgPerson "DirectoryManager".

That's all the information I can provide.

Any suggestions will be appreciated.

Thank you very much in advance.

Best regards,

Nick