This space has blogs on various topics in the field of SAP. These blogs point out solutions to various technical and functional issues that consultants face during implementation or support of SAP projects. Readers/followers are welcome to contribute to this space by emailing content to bohra.mohammadi@gmail.com. You will be rewarded according to the topic, number of words and complexity of the topic or issue you are addressing in your blog.
Tuesday, May 28
Pointing UME of Portal to Active Directory or LDAP
Some background on UME: UME stands for User Management Engine, the user management component of SAP Enterprise Portal. It stores user attributes such as groups, roles, user names and user contact details.
UME can be configured to take all of the above data from various data sources such as Active Directory or LDAP, an SAP CRM system, the SAP J2EE engine database etc.
In this post we are going to learn the steps required to integrate Active Directory or LDAP with the UME of the portal.
Before you start configuring the UME to use LDAP, 4 things need to be in place:
1. During installation of WAS, i.e. Web Application Server, UME was configured to use the J2EE engine database as its data source.
2. The LDAP directory consists of a hierarchy of users and groups that is supported by the UME of the portal.
3. The data source configuration XML file is in place. This file can be obtained from the administrator of LDAP.
4. The administrator of LDAP has created a user with which the portal UME can connect to LDAP. The user created for connection purposes must have read and search permissions. This user is called the service user. The user ID and password of the service user can be obtained from the administrator of LDAP.
If the above 4 things are in place, you are all set to go ahead and configure the UME of the portal to use LDAP as a user data source.
Step 1. Start the configuration tool by executing \j2ee\configtool\configtool.bat.
Choose UME LDAP in the configuration tool as shown below
In the LDAP configuration tool, under Data Source Configuration File, choose Browse and browse to the new configuration file dataSourceConfiguration_ads_readonly_db_with_krb5.xml
Choose Upload.
Step 2. Enter the connection data for the LDAP server. The service user provided by the LDAP administrator is used in this step.
Start the config tool as explained in step 1, go to the connection data and enter it with the values below:
LDAP Server Type: MICROSOFT ADS – Predefined
Server Name:
Server Port:
User: Service User*
Password: Password of the Service User*
SSL: Not Selected
UME unique id with unique LDAP attribute: Samaccountname
User Path: CN=Users,DC=,DC=org
Group Path: CN=Users,DC=,DC=org
Then choose Test Connection to test the connection to LDAP with the data you entered above. That's it! The LDAP configuration is done.
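A pre-flight check of the connection data from step 2, written as an added example (it is not part of the original post or of any SAP tool). The dictionary keys reuse the field labels from the table above; the host name, service user name and domain values are constructed placeholders. It flags the cases worth reviewing before the values are typed into the config tool: SSL left unselected while a service user password is in use, a port that does not match the SSL choice, and user or group paths with an empty component.

```python
import re

# Labels follow the connection-data table above; the sample values are constructed.
SAMPLE = {
    "Server Name": "dc01.example.org",
    "Server Port": "389",
    "User": "svc_ume_read",
    "SSL": False,
    "User Path": "CN=Users,DC=,DC=org",
    "Group Path": "CN=Users,DC=example,DC=org",
}

def split_dn(dn):
    """Split a DN on unescaped commas into (attribute, value) pairs."""
    pairs = []
    for rdn in re.split(r"(?<!\\),", dn):
        attr, sep, value = rdn.partition("=")
        pairs.append((attr.strip().upper(), value.strip() if sep else None))
    return pairs

def check_connection_data(cfg):
    """Return a list of findings for the settings to be entered in the config tool."""
    findings = []
    for key in ("Server Name", "Server Port", "User"):
        if not str(cfg.get(key, "")).strip():
            findings.append(f"{key}: empty")
    port = str(cfg.get("Server Port", "")).strip()
    if not cfg.get("SSL"):
        # A simple bind over plain LDAP carries the bind password unencrypted.
        findings.append("SSL: not selected, service user password is sent over an unencrypted connection")
        if port == "636":
            findings.append("Server Port: 636 is the standard LDAPS port but SSL is not selected")
    elif port == "389":
        findings.append("Server Port: 389 is the standard plain LDAP port but SSL is selected")
    for key in ("User Path", "Group Path"):
        pairs = split_dn(str(cfg.get(key, "")))
        bad = [a or "?" for a, v in pairs if not a or not v]
        if bad:
            findings.append(f"{key}: empty or malformed component ({', '.join(bad)})")
        elif not any(a == "DC" for a, _ in pairs):
            findings.append(f"{key}: no DC component, path is not anchored to a domain")
    return findings

if __name__ == "__main__":
    for finding in check_connection_data(SAMPLE):
        print(finding)
```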
Please feel free to add comments to this blog post to improve it...