Skip to Content
author's profile photo Former Member
Former Member

How to create a user in the local ume database when using write access to connected ldap

Hello,

I have to create a user in the local UME database of an SAP Portal where the userstore is also connected to a ldap source with write access.

Due to write access the ume always tries to create the user in the ldap directory, but I don't want this.

Is there any way to choose the destination of a newly created user?

Many thanks

Roland

Add a comment
10|10000 characters needed characters exceeded

Related questions

3 Answers

  • Posted on Apr 12, 2012 at 01:53 PM

    Roland,

    This will not be possible..

    If you are using UME APIs to create users, they will always be created in the storage space the UME service points to, you will get exception if the User Store is set in Read Only Mode..

    But what is the requirement, why do you need to create users in Portal DB when using LDAP????

    Sandip

    Add a comment
    10|10000 characters needed characters exceeded

    • Former Member

      Hello Sandip,

      the need of this comes out of monitoring purposes.

      We are connecting all of our system (abap, java etc.) to our solution manager. We have many Portals with ldap user store for reading purposes and the mentioned one also with write acess to a specific destination in our MS Active Directory.

      Now we've already connected our other portals to the solution manager and therefore created a monitoring user in each of the portal systems.

      When we want to do this user creation also in our ldap writeable portal we have the conflict that this user (same username for all java systems) will also be visible for the other portals and therefor their logon ability with this user is gone because the sap systems aren't able to distinguish between the local monitoring user and the one in the ldap store.

      And also we don't want to mix up our "normal" portal user with the monitoring purposes user in the ldap store.

      Do you understand our need for this?

      Thanks!

      Roland

  • Posted on Apr 12, 2012 at 02:36 PM

    Hi,

    Check if below thread helps:

    http://scn.sap.com/thread/1776815

    Thanks,

    Rupali

    Add a comment
    10|10000 characters needed characters exceeded

  • author's profile photo Former Member
    Former Member
    Posted on Apr 17, 2012 at 06:24 AM

    Hello everyone,

    I solved the problem by a 'special' trick:

    1.) Create the required user in an other portal where the default user store ist the local UME DB

    2.) Export the user (a file is created with the necessary infos)

    3.) Create the required user in the by portal where the ldap write access is possible but be aware and do not create a normal user. Create an 'internal service user' because it's default user store is the local UME db (see sap-xml file)

    4.) Then you have to import the previously exported user into the portal with the flag 'overwrite existing settings' By this import the already existing user is changed from internal service user to 'normal' user and it's userstore stays local UME db

    finished.

    Hopefully anyone else with this problem can use this trick too.

    Anyway thank you very much!

    Roland

    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.