on 08-25-2009 1:29 AM
Hello
I am implementing SAP identity Management 7.1with external tools MS active Directory with Single sign on using SAP IDM . Is there any documentation as to how do I connect SAP IDM with MS AD with the roles and their user provisioning process .
Also does anyone have a architectural work flow template on this process .
I'd suggest taking a look at the included tutorials. NW IdM treats AD as just anothere LDAP. However you'll need SSL for password resets and to know how to deal with the essential AD attributes.
Bind ID which is usually the most troublesome thing is the complete domiain name of the administrator (cn=administrator,cn=users,dc=blah, dc=com)
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Sahad,
It should be included with the installation media.
There's one that referrs directly to AD and another one that refers to Directories in general.
Did not see them in the documentation library but their names are:
SAP-NW_IdM_IC_Tutorial_DirectoryServers.pdf
SAP-NW_IdM_IC_Tutorial_ActiveDirectory.pdf
Matt
Hi Matt,
Thank you for giving the names
Please while creating repository for AD, which option we need to select
a) ADS for SAP PF (Repository template for active directory for SAP provisioning frame work
or
b) Directory ( Repository template for LDAP)
Also how we can use SSL for AD . Is there any documentation which tells about using SSL for AD ?
Thanks in advance.
Hi,
you should use the ADS for SAP PF.
Information about how to install a certificate for AD can be found here:
http://support.microsoft.com/kb/321051
Best regards
Holger
THANKS A LOT
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Does SSL works only for password reset in AD or does this password need to be added in attributes in Identity center ?
Also while integration MS AD can we create an automation process to update SSO for users .
Edited by: braveheart on Sep 2, 2009 3:59 AM
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I'd suggest taking a look at the included tutorials. NW IdM treats AD as just anothere LDAP. However you'll need SSL for password resets and to know how to deal with the essential AD attributes.
Bind ID which is usually the most troublesome thing is the complete domiain name of the administrator (cn=administrator,cn=users,dc=blah, dc=com)
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
95 | |
11 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.