cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Portal Initial Load - LDAP vs Database

Go to solution
mubarakshabna_asmi
Participant

on ‎04-13-2009 3:02 PM

0 Kudos

All:

I have a few questions about how to handle EP users and privileges in IDM.

The EP uses a LDAP as the data source

1. How do I do the initial load. Do I use AS Java (LDAP) or AS Java(Database) or both

2. Looking at the passes under the job AS Java (LDAP) is looks like it reads the localjavausers but how would it read the backend LDAP because we do not give the user and password for LDAP in the repository constants.

3. OR should I connect the backend LDAP as a seperate repository and do its own initail load.

Thanks for your time.

Thanks

S.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎07-13-2009 5:36 AM
0 Kudos

Found out, you need to change to Ldap filter in the source tab of the readlocaljavausers job

datasource = PRIVATE_DATASOURCE

to whatever the ldap datasource is set as.

e.g. datasource = CORP_LDAP

Show replies
Show replies
mubarakshabna_asmi
Participant
‎07-13-2009 1:13 PM
0 Kudos

Thanks Leo. I just connected the LDAP as a separate datasource and for the portal, gave the database as the datasource.

I am going to install NWIDM 7.1 soon. Will following your suggestion then.

Thanks for sharing.

Shabna

Answers (2)

Answers (2)

mubarakshabna_asmi
Participant
‎04-27-2009 4:30 PM
0 Kudos

This works now. I had to restart dispatcher for the 3600s setting to work.

Show replies
Show replies
Former Member
‎07-13-2009 3:01 AM
0 Kudos

Hi Shabnam

Regarding your second question below

2. Looking at the passes under the job AS Java (LDAP) is looks like it reads the localjavausers but how would it read the backend LDAP because we do not give the user and password for LDAP in the repository constants.

Did you manage to load the backend ldap accounts with the AS Java (database) job? because it still looks like the job will only pull the ume accounts and not the ldap ones.

Regards

Leo

Former Member
‎04-13-2009 3:15 PM
0 Kudos

Shabnam,

I'd suggest taking a look at the SAP Provisioning framework. It should point you in the right direction.

Matt

Show replies
Show replies
mubarakshabna_asmi
Participant
‎04-13-2009 3:44 PM
0 Kudos

Matthew,

Thanks for your time. I believe the tasks under SAP provisioning framework come into picture after the initial loads. How does one handle the initial load.

Thanks

S.

Former Member
‎04-13-2009 5:21 PM
0 Kudos

Shabnam,

The framework does include inital load tasks. Please consult the operations guide. [https://www.sdn.sap.com/irj/sdn/nw-identitymanagement?rid=/webcontent/uuid/405d9f79-3287-2b10-e884-ab766860762d] [original link is broken]; for more information. I saw a reference around page 34.

Hope this helps,

Matt

mubarakshabna_asmi
Participant
‎04-13-2009 6:43 PM
0 Kudos

Matt,

I am running IDM version 7.0. The operations guide does not says anything about initial loads.

I started a AS JAVA(LDAP) initial load and on the first pass "ReadLocalJavaUsers" itself it hangs and times out.

13.04.2009 13:21:54 :I:Initializing custom pass FromSPML: ReadLocalJavaUsers

13.04.2009 13:21:54 :I:Initializing SPML search

13.04.2009 13:21:54 :I:http://<hostname>:<port>/spml/provisioning

13.04.2009 13:21:54 :I:SAPprincipals

SAPprincipals is the starting point and it doesnt go any further. I was able to successfully do a load when I tried it on IDM SP1 last year. I am not sure whats changed since then

Thanks

S.

Former Member
‎04-13-2009 7:54 PM
0 Kudos

Hi Shabnam

I used the Database for my Inital Load and had no problems so far. This even worked with a MiniSAP.

Can you reach the portal under http://hostname:port when you open a browser on the IDM machine? Might be a firewall issue. Maybe also try to enter the IP in your repository definition. You might have a DNS issue.

If I enter the URL in my browser I get: SPML Provider successfully installed and configured (full access)

As you said it worked before I assume the problem is in this area.

HTH

Chris

mubarakshabna_asmi
Participant
‎04-13-2009 8:04 PM
0 Kudos

Chris,

I am able to access http://<host>:<port>/spml/provisioning from the IDM machine with any problems. I also get the SPML Provider successfully installed and configured (full access).

I am not sure where things are going wrong.

Thanks

S.

mubarakshabna_asmi
Participant
‎04-13-2009 8:58 PM
0 Kudos

Chris,

The repository you defined for portal was of the type "sap netweaver as java repository" or "sap netweaver as java repository (ldap backend)?

Thanks

S.

Former Member
‎04-13-2009 9:40 PM
0 Kudos

Hello Shabnam

I use the Java repository.

mubarakshabna_asmi
Participant
‎04-27-2009 4:04 PM
0 Kudos

I am using the AS JAVA (Database) initial load. It keeps getting timed out and re-scheduled.

I also tried increasing the "execution timeout" to even upto 3600 sec. Still it does not go beyond

:I:Initializing custom pass FromSPML: ReadLocalJavaUsers

:I:Initializing SPML search

:I:http://<host>:50000/spml/provisioning

:I:SAPprincipals

I can get to http://<host>:50000/spml/provisioning in the same box, I can telnnt to the port.

I keeps timing out and rescheduling.

:I:Job completed in 3389.274 seconds.

:I:Handled: 0 Warnings: 4

:I:Total time used is 3390.039 seconds.

:W:mc_job_set_finish(2374) signalled failure! Status=Not legal to stop job in this state (1)

:X:Closing IdentityCenter

:X:Execution completed in 3390.54 seconds.

Why is this happening?

Thanks

S.

Ask a Question