How to Configure Multiple LDAP Servers for EP 6.0

How to… Configure UME for Multiple LDAP Data Sources
ENTERPRISE PORTAL 6.0
PUBLIC
VERSION 1.0
ASAP “How to…” Paper
Applicable Releases: EP 6.0, SP 2
May 2004

HOWTO CONFIGURE MULTIPLE LDAP SERVERS FOR EP 6.0 DRAFT

1 Scenario

You need to authenticate against multiple LDAP directory servers with EP 6.0. SAP’s delivered configuration files do not properly address your environment.

1.1 Overview of UME Architecture

UME user data is stored in one or more data sources. Each type of data source has its own persistence adapter. The persistence manager consults the persistence adapters when creating, reading, writing, and searching user management data. Persistence adapters for the following types of repositories are available:

1. Database: See the Product Availability Matrix on SAP Service Marketplace (http://service.sap.com/pam60) for details on which databases are supported.
2. Lightweight Directory Access Protocol (LDAP) directory: See the Product Availability Matrix on SAP Service Marketplace (http://service.sap.com/pam60) for details on which directories are supported.
3. SAP Systems based on Web Application Server 6.20

You can configure UME to use one or more of these persistence devices in parallel. Users can also be stored in several different physical LDAP directory servers, or in different branches of the same LDAP directory server. This How To Guide shows you how to configure such devices using the XML configuration interfaces.

2004 SAP LABS, LLC.

2 Prerequisites

Gather all of the connection information for each of the LDAP target systems you need to connect to. This information includes the fully qualified server name, the port, the user to connect with (the full DN is required), the password for this user, and the paths to both the user and group definitions. You will also need a text editor other than Notepad to edit the XML configuration files.
Notepad adds an additional character to the end of the line, which may cause problems with the XML parser used by the J2EE Engine. A great free XML editor is “Cooktop”.

3 Limitations

For the most up-to-date general limitations of the UME, please check SAP Note 673824. Details about data source configuration can be found in the SAP NetWeaver 04 documentation on http://www.help.sap.com (Identity Management – User Management Engine).

3.1 Limitations of Multiple Data Sources

Since the number of data sources directly impacts the time for search operations inside the UME, it is recommended to have not more than 5 data sources.

LDAP groups cannot span different LDAP data sources. LDAP groups can therefore only include users from the data source where they are read from.

The Step By Step Solution

1) Ensure that the UM Configuration is set to “Database Only” or that the current UM configuration creates new users in the database.
   a) Navigate to the UM Configuration UI (System Administration -> System Configuration -> UM Configuration) and select the “Data Sources” tab.
   b) Choose “Database Only” or any “… Read Only” dataSource.
   c) Save.
   d) Restart the J2EE Engine.

2) Create a new user ID in the portal and assign it to the Super Administration role. Log off and then log back on to the portal with this ID to ensure you can access the administrative functions using the ID from the database. This ensures that you can log on and perform administration tasks even if the portal is unable to connect to an LDAP source. Follow the documentation for creating users (Administration Guide > Portal Platform > User Administration > User Management Administration Console) and assigning users to roles (Administration Guide > Portal Platform > User Administration > Role Assignment).

3) Establish the initial UM configuration.
   a) Navigate to the UM Configuration UI (System Administration -> System Configuration -> UM Configuration) and select the “Data Sources” tab.
   b) Choose the most appropriate DataSource configuration from the delivered list (e.g. iPlanet, Novell, MS ADS, etc.).
   c) Complete the UM configuration for the first LDAP data source using the User Management Configuration Tool.
   d) Restart the J2EE Engine.
   e) Log on to the portal server with an LDAP user to test the connection. If there are problems, use the database user ID you created in step #2 to log on to the portal and resolve connectivity issues.
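
A pre-flight check for the connection details listed under Prerequisites and the data-source count recommended in section 3.1, as an added Python example that is not part of the SAP paper. The inventory field names (`host`, `bind_dn`, `user_path` and so on) and the sample hosts and DNs are assumptions made for illustration; they are not UME configuration keys.

```python
import re

MAX_SOURCES = 5  # recommended upper bound from section 3.1
# One RDN: attribute name, '=', non-empty value; '\,' is an escaped comma.
_RDN = re.compile(r"^[A-Za-z][A-Za-z0-9-]*=(?:\\.|[^,\\])+$")
_LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")

def is_dn(value):
    """True if every comma-separated component looks like attr=value."""
    parts = re.split(r"(?<!\\),", value.strip())
    return all(_RDN.match(p.strip()) for p in parts)

def is_fqdn(host):
    """True for a dotted host name; bare names and IPv4 literals fail."""
    labels = host.rstrip(".").split(".")
    return (len(labels) >= 2 and not labels[-1].isdigit()
            and all(_LABEL.match(l) for l in labels))

def check_sources(sources):
    """Return (source_id, problem) findings; an empty list means ready."""
    findings = []
    if len(sources) > MAX_SOURCES:
        findings.append(("*", f"{len(sources)} data sources exceed the recommended {MAX_SOURCES}"))
    for s in sources:
        sid = s.get("id", "?")
        if not is_fqdn(s.get("host", "")):
            findings.append((sid, "host is not fully qualified"))
        port = s.get("port")
        if not (isinstance(port, int) and 1 <= port <= 65535):
            findings.append((sid, "port missing or out of range"))
        if not is_dn(s.get("bind_dn", "")):
            findings.append((sid, "bind user is not a full DN"))
        if not s.get("password"):
            findings.append((sid, "bind password missing"))
        for key in ("user_path", "group_path"):
            if not is_dn(s.get(key, "")):
                findings.append((sid, f"{key} is not a DN"))
    return findings

# Constructed sample inventory; hosts, DNs and field names are hypothetical.
SAMPLE = [
    {"id": "corp", "host": "ldap1.corp.example.com", "port": 389,
     "bind_dn": "cn=Directory Manager", "password": "placeholder-not-real",
     "user_path": "ou=people,dc=corp,dc=example,dc=com",
     "group_path": "ou=groups,dc=corp,dc=example,dc=com"},
    {"id": "partner", "host": "ldap2", "port": 389,
     "bind_dn": "CORP\\svc_portal", "password": "",
     "user_path": "ou=people,dc=partner,dc=example,dc=com",
     "group_path": "ou=groups,dc=partner,dc=example,dc=com"},
]

if __name__ == "__main__":
    for sid, problem in check_sources(SAMPLE):
        print(f"{sid}: {problem}")
```

The DN check is a syntax lint only: it does not handle OID attribute types and does not contact the directory.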