
Change LDAP, maintaining ACLs

Former Member
0 Kudos

Hi All,

we have SAP EP6 SP19. UME is against LDAP.

For business reasons, we need to change the LDAP name, maintaining the same schema, with the same ou, users and groups.

Is there a way to update the unique ID in the UME, updating only the LDAP name and without having impacts on KM ACLs, role assignments and PCD permissions?

Thanks in advance

Antonio

Accepted Solutions (0)

Answers (2)

Former Member
0 Kudos

Hi,

The reason for such an occurrence was that the UME (User Management Engine) assigns unique IDs to the LDAP users. By default the unique ID contains the distinguished name of the user.

If the user is moved to a different location in the LDAP Directory, its distinguished name changes.

For example the unique ID of a user is

USER.CORP_LDAP.cn=testuser, ou=people, o=mycompany

If this user is changed to a different location for which ou=admins then the unique ID of the user is changed to

USER.CORP_LDAP.cn=testuser, ou=admins, o=mycompany

In this case the UME can no longer find any data associated with the user under the old unique ID and the data (role assignment or user mappings) stored in database for such users gets lost. So in this regard we have changed the configuration of the UME so that it no longer uses the distinguished name in the unique ID, instead we use a unique attribute that is never changed in the LDAP directory.

Please follow the SAP note: 777640

This will resolve your issue.

Thanks and regards,

Kris
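The effect described in the answer above, as an added example that is not part of the original post and is not SAP code: a small Python model in which role assignments are stored under the unique ID, first keyed by DN and then by an attribute that never changes. The `guid` attribute name, its values, the role names and the attribute-based ID layout are assumptions made for illustration; only the `USER.CORP_LDAP.<dn>` form comes from the post.

```python
"""Constructed model of ID-keyed assignments after a user is moved in LDAP."""

DATASOURCE = "CORP_LDAP"  # data source name from the post's example

# Constructed directory snapshots: testuser moves from ou=people to ou=admins.
BEFORE = [
    {"dn": "cn=testuser, ou=people, o=mycompany", "guid": "a1f3"},
    {"dn": "cn=otheruser, ou=people, o=mycompany", "guid": "b7c9"},
]
AFTER = [
    {"dn": "cn=testuser, ou=admins, o=mycompany", "guid": "a1f3"},
    {"dn": "cn=otheruser, ou=people, o=mycompany", "guid": "b7c9"},
]
# Constructed role assignments, keyed by the hypothetical immutable attribute.
ROLES = {"a1f3": ["portal_admin"], "b7c9": ["km_reader"]}


def unique_id(entry, key_attr=None):
    """Build USER.<datasource>.<key>.

    key_attr=None uses the DN (the default described in the post);
    otherwise the value of the named attribute (assumed layout).
    """
    key = entry["dn"] if key_attr is None else entry[key_attr]
    return f"USER.{DATASOURCE}.{key}"


def orphaned_assignments(before, after, roles, key_attr=None):
    """Return {stored unique ID: roles} that no current entry resolves to.

    Assignments are stored under IDs computed from `before`; lookups
    after the move use IDs computed from `after`.
    """
    stored = {unique_id(e, key_attr): roles[e["guid"]] for e in before}
    live = {unique_id(e, key_attr) for e in after}
    return {uid: r for uid, r in stored.items() if uid not in live}


if __name__ == "__main__":
    print("DN-based IDs:  ", orphaned_assignments(BEFORE, AFTER, ROLES))
    print("Attribute IDs: ", orphaned_assignments(BEFORE, AFTER, ROLES, "guid"))
```
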

Former Member
0 Kudos

Hi,

I am not sure, but you can try, as the LDAP unique ID will always start with USER:CORP:LDAP, so it should not have a problem as long as the same mapping of the UME attribute is there with LDAP.

But changing the unique ID, I doubt that will be feasible.

Regards

Pankaj Prasoon