on 08-28-2008 1:54 PM
Hello,
I am using the NetWeaver CE 7.1 SP 5 and have configured the User Management to rely on an Sun One LDAP. As I have learned so far roles assigned to users from the LDAP are maintained in the UME database by default rather than the LDAP.
However, it is desirable to store (and fetch) the information somehow in (from) the LDAP. Is there any way to achieve this?
Best regards
Alexander
Hi Alexander,
UME roles (and portal roles) are object of the Application Server Java. You cannot store this information in an LDAP. The association between the LDAP user and these roles is stored in the database of the AS Java.
-Michael
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
As I have full access to the information stored in LDAP I can define any role I want to have. For instance I could define a role "SAP Portal User" and assign it to a user. Ideally, there is a way to map this LDAP role to the role "Standard User Role" or something like this from the AS Java. The mapping is meant to realize that the user effectively has the role "Standard Portal User" from the Portal's point of view.
Best regards
Alexander
When the UME resolves the roles assigned to the user it will look for UME and portal roles directly assigned to the user. Then it will check the group assignments to see if roles are assigned to the groups in the database of the AS Java. The UME is unaware of LDAP roles. You can assign roles to the LDAP groups though.
-Michael
You can assign roles to the LDAP groups though.
What does that mean?
Does that mean that I create an LDAP group "SAP Portal user", assign all required Portal roles to this LDAP group, and each user belonging to this group implicitly carries the desired roles? That would solve my problem, won't it?
Best regards
Alexander
I read somewhere that its possible to customise role persistence to make sure that portal roles are mapped to LDAP groups. May I know if you have done this? How to customise any portal services because in the usr\sap....\server0...\ folder i only see class files for all portal services.
I need this info very uregently. Points will be given for this.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Ritesh,
I read somewhere that its possible to customise role persistence to make sure that portal roles are mapped to LDAP groups.
I am not sure what you mean with role persistence. However, you can assign Portal roles to LDAP groups using the UME. The link between a role and the group is stored in the UME database. The benefit is that you can indirectly assign the Portal roles to users by adding the user to the LDAP group which carries the roles.
Best regards
Alexander
What is the default portal role for every user available in LDAP? During runtime in production enviornement whenver I create new user for LDAP, I want to determine its portal roles automatically and assign those roles to him/her in portal.
Can you suggest me how to do this?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
93 | |
10 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.