on 05-24-2006 1:14 PM
Hi,
I want to configure LDAP with the portal server. Is there any documentation available that explains the process step by step?
Regards
Hiren K.Chitalia
Hi Hiten,
Following is a step-by-step solution to configure an LDAP server for EP:
1) Ensure that the UM Configuration is set to Database Only or that the current
UM configuration creates new users in the database.
a) Navigate to the UM Configuration UI (System Administration -> System
Configuration -> UM Configuration) and select the Data Sources tab.
b) Choose Database Only or any Read Only dataSource.
c) Save.
d) Restart J2EE Engine.
2) Create a new user ID in the portal and assign it to the Super Administration role. Log off and then log back on to the portal with this ID to ensure you can access the administrative function using the ID from the database. This ensures that you can logon and perform administration tasks even if the portal is unable to connect to an LDAP source.
3) Establish the initial UM configuration.
a) Navigate to the UM Configuration UI (System Administration -> System
Configuration -> UM Configuration) and select the Data Sources tab.
b) Choose the most appropriate DataSource configuration from the delivered list
(e.g. iPlanet, Novell, MS ADS, etc.)
c) Complete UM configuration for the first LDAP data source using the User
Management Configuration Tool.
d) Restart the J2EE Engine.
e) Logon to portal server with an LDAP user to test the connection. If there are
problems, use the database user ID you created in step #2 to logon to the
portal and resolve connectivity issues.
4) Capture information required for creating a new UM Configuration for Multiple
LDAP sources.
a) Log back on to the portal using an administrator ID.
b) Navigate back to the UM Configuration Tool and select the Data Sources
tab.
c) Click Download to download a copy of the appropriate XML file. Save this
file to your local filesystem for editing.
d) Navigate to LDAP Server tab and verify connection information to the LDAP
server. Click Test Connection to ensure credentials are correct. Save the
configuration before continuing to the next step.
e) Navigate to Direct Editing tab.
f) Scroll down to the LDAP Settings section and copy the contents to MS
WordPad or other text editor (configuration document).
5) Create a new UM configuration file for multiple LDAP data sources.
a) Open the dataSourceConfiguration_multiLDAP_db.xml file (previously
downloaded) using a text editor (other than Notepad) and locate the
<dataSource.../> section for the CORP_LDAP. Copy the entire section
from <dataSource > to </dataSource> to the clipboard.
b) For each additional LDAP server, paste the copy into the document after the
original </dataSource > ending tag for the CORP_LDAP source. Change
the name of the data source for pasted copy to CORP_LDAP_X or some
other value. This value becomes a data source identifier for UME and prefixes
the principal Ids.
c) For each LDAP data source, locate the <privateSection > within the
<dataSource > tag and enter the following lines if they are not present:
    <ume.ldap.access.server_name>SERVER_HOSTNAME</ume.ldap.access.server_name>
    <ume.ldap.access.server_port>SERVER_PORT</ume.ldap.access.server_port>
    <ume.ldap.access.user>DS_USER_NAME</ume.ldap.access.user>
    <ume.ldap.access.password>DS_PASSWORD</ume.ldap.access.password>
    <ume.ldap.access.base_path.user>USER_ROOT_IN_DS</ume.ldap.access.base_path.user>
    <ume.ldap.access.base_path.grup>GROUP_ROOT_IN_DS</ume.ldap.access.base_path.grup>
d) Update the properties for each datasource with the correct values obtained
from the Direct Editing tab (now stored in the configuration document). An
example is shown below:
    <dataSource id="CORP_LDAP_2"
                className="com.sap.security.core.persistence.datasource.imp.LDAPPersistence"
                isReadonly="true"
                isPrimary="true">
    ...
    <privateSection>
        <ume.ldap.access.server_name>i802895a.phl.sap.corp</ume.ldap.access.server_name>
        <ume.ldap.access.server_port>389</ume.ldap.access.server_port>
        <ume.ldap.access.user>cn=Directory Manager</ume.ldap.access.user>
        <ume.ldap.access.password>ksdf8SDF#%</ume.ldap.access.password>
        <ume.ldap.access.base_path.user>ou=people,dc=phl,dc=sap,dc=corp</ume.ldap.access.base_path.user>
        <ume.ldap.access.base_path.grup>ou=groups,dc=phl,dc=sap,dc=corp</ume.ldap.access.base_path.grup>
        <ume.ldap.access.server_type>SUN</ume.ldap.access.server_type>
        [more stuff]
    </privateSection>
6) Upload the new UM Configuration file.
a) Navigate back to Data Source tab and choose Other for the data source.
b) Click Upload and navigate to the new configuration file -
dataSourceConfiguration_multiLDAP_db.xml. Upload this to the server.
c) Click Save to save the new configuration.
d) Navigate to the Direct Editing tab.
e) Comment out all of the LDAP settings which begin with ume.ldap.access.*
such as server name, passwords, etc. that are now manually configured in
the XML file.
f) Click Save to save the properties. (You may also wish to make a copy of the
new settings and save them to a file for recovery purposes).
g) Restart the J2EE engine.
7) Test the configuration.
PS: Pl award points if post found useful
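Added example, not part of the original post and not SAP tooling: a pre-upload check for the file edited in steps 5a-5d, catching the usual copy-and-paste mistakes (a pasted data source that was not renamed, a template placeholder left in place, a missing property, two entries pointing at the same directory). The `<dataSources>` root element, the helper names and the sample hosts and values are assumptions constructed for illustration; the property names, placeholders and LDAP class name are the ones quoted in the post.

```python
import xml.etree.ElementTree as ET

# Property names and template placeholders as listed in step 5c of the post.
REQUIRED = {
    "ume.ldap.access.server_name": "SERVER_HOSTNAME",
    "ume.ldap.access.server_port": "SERVER_PORT",
    "ume.ldap.access.user": "DS_USER_NAME",
    "ume.ldap.access.password": "DS_PASSWORD",
    "ume.ldap.access.base_path.user": "USER_ROOT_IN_DS",
    "ume.ldap.access.base_path.grup": "GROUP_ROOT_IN_DS",
}
LDAP_CLASS = "com.sap.security.core.persistence.datasource.imp.LDAPPersistence"

def check_config(xml_text):
    """Return (data source id, problem) pairs for the LDAP data sources."""
    problems, seen_ids, seen_targets = [], set(), {}
    for ds in ET.fromstring(xml_text).iter("dataSource"):
        if ds.get("className") != LDAP_CLASS:
            continue  # skip non-LDAP entries such as the database data source
        ds_id = ds.get("id", "")
        if ds_id in seen_ids:
            problems.append((ds_id, "duplicate id: pasted copy was not renamed"))
        seen_ids.add(ds_id)
        private = ds.find("privateSection")
        props = {} if private is None else {c.tag: (c.text or "").strip() for c in private}
        for name, placeholder in REQUIRED.items():
            if not props.get(name):
                problems.append((ds_id, "missing " + name))
            elif props[name] == placeholder:
                problems.append((ds_id, "placeholder left in " + name))
        target = (props.get("ume.ldap.access.server_name"), props.get("ume.ldap.access.base_path.user"))
        if all(target) and target in seen_targets:
            problems.append((ds_id, "same server and user base path as " + seen_targets[target]))
        seen_targets.setdefault(target, ds_id)
    return problems

def ldap_source(ds_id, props):  # builds one constructed <dataSource> for the sample
    body = "".join(f"<ume.ldap.access.{k}>{v}</ume.ldap.access.{k}>" for k, v in props.items())
    return f'<dataSource id="{ds_id}" className="{LDAP_CLASS}"><privateSection>{body}</privateSection></dataSource>'

# Constructed sample: the second entry is a pasted copy that was never edited properly.
GOOD = {"server_name": "ldap1.example.com", "server_port": "389", "user": "cn=reader", "password": "constructed-secret",
        "base_path.user": "ou=people,dc=example,dc=com", "base_path.grup": "ou=groups,dc=example,dc=com"}
PASTED = dict(GOOD, password="DS_PASSWORD")
PASTED.pop("base_path.grup")
SAMPLE = "<dataSources>" + ldap_source("CORP_LDAP", GOOD) + ldap_source("CORP_LDAP", PASTED) + "</dataSources>"

if __name__ == "__main__":
    print(*check_config(SAMPLE), sep="\n")
```

Because the edited file holds the directory bind password in clear text, run the check on the administrator's workstation copy and delete or lock down that copy after the upload in step 6.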
Please send me ldap configuration documents to nancylam01@yahoo.com
Hi Piyush,
My Mail ID is hirenchitalia@gmail.com
Regards
Hiren K.Chitalia
Hi Hiren,
Many documents. Send me an email and I can send a few I have.
Regards,
Piyush
ps: please mark for useful answers.
Hiren,
Your question is broad, as there are many LDAPs and the portal can be configured with a single or multiple LDAP data stores.
Are you going to use MS ADS/eDirectory? Which data store type are you wanting to deploy?
http://help.sap.com/saphelp_nw2004s/helpdata/en/7e/a2d475e5384335a2b1b2d80e1a3a20/frameset.htm
James