Sync User Locks from LDAP(Microsoft AD) to Portal ...

Former Member · ‎10-22-2009

Hi All,

Currently we have our Portal UME connected to LDAP (Microsoft AD) as our data source. I can bring up all Active Directory users in Portal, however the users that are locked and disabled in Active directory are still active in portal. To be more clear the expiration date of a userid in AD does not sync with Portal UME account expiration date. Is there a way to bring in the expiration value in to portal?

Regards,

Junaid

Former Member · ‎10-23-2009

Have you checked with the mapping fields? there should be a field. However, if the user is locked or have validity set to past in AD, then they can't login to portal.

regards,

Gowrinadh

Former Member · ‎10-30-2009

Gowrinadh, thanks for you reply. I am aware that users cannot login, but need the locked account to be reflected in portal also for licensing reasons. SAP will consider them active untill their account is disabled in Portal. That's why I wanted to know how we sync the disable or expiration field from AD to portal.

thanks,

Junaid

Former Member · ‎11-01-2009

Have you received any kind of documentation for portal licensing?

as per my knowledge there is no such procedure exists for today. However, SAP can release one.

Regards,

Gowrinadh

Former Member · ‎11-02-2009

Config tool may not have expiry date as mapping in Additional LDAP prop tab, you may need to look for configuration file where you can map the logical attribute to the LDAP.

Licensing impact depends on your contract with SAP.

However you can check portal users with USMM at the end of URL.

E.g.

remove 'irj/portal' from your initial portal link and add 'usmm'

Sync User Locks from LDAP(Microsoft AD) to Portal UME