cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

LDAP User sync problem

Former Member

on ‎05-03-2010 5:22 PM

0 Kudos

Hi,

I have configured LDAP on NetWeaver WebAs ABAP using LDAP transaction. It is working fine and I am able to sync users from Microsoft AD to SAP Database. But the problem is It is also synchronizing the terminated users from the company, which are not useful. We have 2 entries under base entry need to be synced excluding the terminated users. If I use base entry it taking all users instead I want to sync only users under those two DNs. Is there any way to do this?

One more Question is I have synchronized all users later I have mapped some fields. For new users I am getting the mapped field updates but not for the already synced users when I run the sync report. Can I update already synced user fields also or do I need to delete all users and start re-sync again?

Thanks,

Ajay.

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
‎06-09-2010 2:59 PM
0 Kudos

Answered

Show replies
Show replies
Former Member
‎05-10-2010 4:00 PM
0 Kudos

Hi Ajay,

Let me see if I understand you correctly:

1. You're running an LDAPSYNC from AD to ABAP?

The ldap connector works using the "subtree" method by defaul. It scans all OUs under the BaseDN you specified. If you wish to perorm this scan only on two specific DNs, ou=department1,ou=users,dc=ldap,dc=corp and ou=department2,ou=users,dc=ldap,dc=corp and not the whole ou=users,dc=ldap,dc=corp, then you need to create two entries in trans. LDAPMAP.

If you copy your existing entry, it will copy the attribute mappings as well.

This will require you to run the RSLDAPSYNC_USER report for each of the server settings.

2. For a one time update, you can run the RSLDAPSYNC_USER report and choose "ignore timestamp" in the "objects that exist both in directory and database".

This will update the user's info, provided you set the "import" flag for the attributes in the 'synchronization' section for the server (trans. LDAPMAP).

Best regard,

Eric

Show replies
Show replies
Ask a Question