Вы находитесь на странице: 1из 7

How to Integrate Active Directory or LDAP with UME of SAP Enterprise Portal

Active Directory or LDAP with UME of SAP Enterprise Portal Applies to: SAP Enterprise Portal (04&04s).

Applies to:

SAP Enterprise Portal (04&04s). For more information, visit the Portal and Collaboration Homepage For more information, visit the Portal and Collaboration homepage.

Summary

This article gives the step-by-step information about integration of Active Directory with Portal UME

Author:

Rudradev Devulapalli

Company:

Satyam Computer Services Ltd

Created on: 28 January 2009

Author Bio

Services Ltd Created on: 28 January 2009 Author Bio Rudradev Devulapalli is an Enterprise Portal Consultant

Rudradev Devulapalli is an Enterprise Portal Consultant at Satyam Computer Services Ltd.

SAP COMMUNITY NETWORK

SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com

How to Integrate Active Directory or LDAP with UME of SAP Enterprise Portal

Table of Contents

Objective

3

Prerequisites

3

Procedure

3

Active Directory Configuration

3

UME LDAP Configuration Tool

3

Entering the Connection Data for the LDAP Server

4

Related Content

6

Disclaimer and Liability Notice

7

SAP COMMUNITY NETWORK

SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com

How to Integrate Active Directory or LDAP with UME of SAP Enterprise Portal

Objective

This document covers the steps involved in configuring Active Directory as data source for the SAP Enterprise Portal. It discusses configuration steps that need to be done on Active directory and Enterprise Portal for achieving the Active Directory as UME for Portal.

Prerequisites

Installed a SAP Web Application Server Java where the UME is configured to use the database of the J2EE Engine as data source.

The LDAP directory has a hierarchy of users and groups that is supported by UME.

The administrator of the LDAP directory must create a user that UME can use to connect to the LDAP server. This user should have read and search permissions for all branches of the LDAP directory.

Procedure

Active Directory Configuration

Create service user EPSRVCUSER pwd: xxxxxxxx

o

Select “User cannot change password”

o

Select “Password never expires”

Configure the service user

o

Select “Use DES encryption types for this account”

o

Set Service Principal Name (SPN)

setspn -A HTTP/server.domain.org EPSRVCUSER Check service user configuration

Export LDAP attributes ldifde –r (samaccountname=EPSRVCUSER) –f out.ldf

Check “userPrincipalName”

Check “servicePrincipalName”

UME LDAP Configuration Tool

Start the Configuration Tool by executing <SAPJ2EEEngine_installation>\j2ee\configtool\configtool.bat .

. • In the Configuration Tool, choose UME LDAP data . SAP

In the Configuration Tool, choose UME LDAP data.

SAP COMMUNITY NETWORK

SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com

How to Integrate Active Directory or LDAP with UME of SAP Enterprise Portal

Active Directory or LDAP with UME of SAP Enterprise Portal • In the LDAP configuration tool

In the LDAP configuration tool under Data Source Configuration file, choose Browse and browse to the new configuration file - dataSourceConfiguration_ads_readonly_db_with_krb5.xml

- dataSourceC onfiguration_ads_readonly_db_with_krb5.xml • Choose Upload . • The configuration file is

Choose Upload.

The configuration file is uploaded and you can now choose it from the list of configuration files.

Entering the Connection Data for the LDAP Server

Start the Configuration Tool by executing <SAPJ2EEEngine_installation>\j2ee\configtool\configtool.bat .

In the Configuration Tool, choose UME LDAP data.

Enter the connection details for your LDAP data source as follows.

SAP COMMUNITY NETWORK

SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com

How to Integrate Active Directory or LDAP with UME of SAP Enterprise Portal

 

Field Name

Value

 

LDAP Server Type

MICROSOFT ADS – Predefined

 

Server Name

<SERVER>

 

Server Port

<SYS.ID >

 

User

Service User*

 

Password

Password of the Service User*

 

SSL

Not Selected

 

UME unique id with unique LDAP attribute

Samaccountname

 

User Path

CN=Users,DC=<SAP>,DC=org

 

Group Path

CN=Users,DC=<SAP>,DC=org

 

*Service User and Password is created in LDAP. It is used to connect (bind) to the LDAP directory server. The user which was created in the process of integrating windows file share in to SAP KM can be used for this purpose.

To test the data you entered:

Choose Test connection to establish a connection with the user ID and password you entered.

a connection with the user ID and password you entered. Choose Test authentication to establish a

Choose Test authentication to establish a connection with a user ID and password that you provide in a dialog box.

a user ID and password that you provide in a dialog box. • Choose ‘Apply Changes’

Choose ‘Apply Changes’ to save changes.

Restart the java application server.

SAP COMMUNITY NETWORK

SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com

How to Integrate Active Directory or LDAP with UME of SAP Enterprise Portal

Related Content

For more information, visit the Portal and Collaboration homepage.

SAP COMMUNITY NETWORK

SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com

How to Integrate Active Directory or LDAP with UME of SAP Enterprise Portal

Disclaimer and Liability Notice

This document may discuss sample coding or other information that does not include SAP official interfaces and therefore is not supported by SAP. Changes made based on this information are not supported and can be overwritten during an upgrade.

SAP will not be held liable for any damages caused by using or misusing the information, code or methods suggested in this document, and anyone using these methods does so at his/her own risk.

SAP offers no guarantees and assumes no responsibility or liability of any type with respect to the content of this technical article or code sample, including any liability resulting from incompatibility between the content within this document and the materials and services offered by SAP. You agree that you will not hold, or seek to hold, SAP responsible or liable with respect to the content of this document.

SAP COMMUNITY NETWORK

SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com